home

joinme(plus).exe

ZTE CORPORATION

This is a setup program which is used to install the application. This is installed with ZTE Handset USB Driver. The file has been seen being downloaded from joinme.software.informer.com and multiple other hosts.
Publisher:
ZTE CORPORATION  (signed and verified)

MD5:
140e4bb873cac94b73ea205ed3583f20

SHA-1:
ff7c62a1257daae643deda8c877863ef9bc7ea3f

SHA-256:
436406c397d0a326c2b41d102331e13b42ec98cdd56eb27fb66303e4d59241d3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:25:20 AM UTC  (today)

File size:
446.3 KB (457,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\joinme(plus).exe

Digital Signature
Signed by:
ZTE CORPORATION

Authority:
VeriSign, Inc.

Valid from:
3/8/2012 7:00:00 PM

Valid to:
4/25/2015 7:59:59 PM

Subject:
CN=ZTE CORPORATION, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ZTE CORPORATION, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
48D6383A8D149C1CDCE69A728BDD24F6

File PE Metadata
Compilation timestamp:
3/7/2014 3:14:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:RooYqmaFRIjtcuKtr4O5SnSdMUOx5BGZs/8OTNB30smokZgNBqLbUGfC1J0R:WofFRIj+uK5ROSYrL/txmlsMvTfEJ0R

Entry address:
0x5DB0

Entry point:
55, 8B, EC, 6A, FF, 68, B8, C8, 40, 00, 68, 24, 72, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, 78, B0, 40, 00, 33, D2, 8A, D4, 89, 15, D4, 0E, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D0, 0E, 41, 00, C1, E1, 08, 03, CA, 89, 0D, CC, 0E, 41, 00, C1, E8, 10, A3, C8, 0E, 41, 00, 6A, 00, E8, BE, 12, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, 9A, 00, 00, 00, 59, 83, 65, FC, 00, E8, 88, 0F, 00, 00, FF, 15, 74, B0, 40, 00, A3, F8, 23, 41, 00, E8...
 
[+]

Entropy:
7.6565

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
40 KB (40,960 bytes)

The file joinme(plus).exe has been discovered within the following program.

ZTE Handset USB Driver  by ZTE Corporation
The ZTE Handset USB Driver comes with various handset models and provides a utility and device drivers used to connect the hadnset to the PC through the PC's USB connection.
www.zte.com.cn
About 9% of users remove it
 
Powered by Should I Remove It?

The file joinme(plus).exe has been seen being distributed by the following 4 URLs.

http://joinme.software.informer.com/.../

http://joinme.ztems.com/download.aspx?type=pls

http://joinme.oss-cn-hangzhou.aliyuncs.com/JoinMe(Plus).exe

http://joinme.ztedevice.com/download.aspx?type=pls

Scan joinme(plus).exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.