dup.exe

Taiwan Shui Mu Chih Ching Technology Limited

The application dup.exe by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program WinZipper by Taiwan Shui Mu Chih Ching Technology Limited. which is a potentially unwanted software program.
Publisher:

MD5:
2d0153d65f8c4057936fe98c0d81e0a1

SHA-1:
50f0b930a0b0b409a6445283ddfceee6da877e6e

SHA-256:
2555d3255e879b8d597dbb2050bd02082b15cff934894fe7c45ba8cd5c6c6e0b

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 6:03:55 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
16.10.15.22

File size:
130.2 KB (133,288 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winzipper\dup.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/13/2013 4:15:13 AM

Valid to:
3/14/2014 4:15:13 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=新北, S=台湾, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121243D90C81CD8FEC70E99813154FB6459

File PE Metadata
Compilation timestamp:
6/8/2013 2:06:44 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:ALgQBKQQj9UAKfVzM8G8koUOIbfO7QB31cy:unBQjOfVzCloUOIbfO63

Entry address:
0x13038

Entry point:
E8, 76, 06, 00, 00, E9, 6B, FD, FF, FF, 6A, 10, 68, 30, 89, 41, 00, E8, A2, 03, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, A9, 03, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, EA, FA, FF, FF, C3, CC, FF, 25, 74, 61, 41, 00, FF, 25, 78, 61, 41, 00, CC, CC, CC, CC...
 
[+]

Code size:
82 KB (83,968 bytes)

The file dup.exe has been discovered within the following program.

WinZipper  by Taiwan Shui Mu Chih Ching Technology Limited.
The free and trial versions bundle various potentually unwanted toolbars and web browser extensions including the AVG Toolbar which modifies the browser's search and home page settings..
www.winzipper.com
75% remove it
 
Powered by Should I Remove It?

Remove dup.exe - Powered by Reason Core Security