jZip.exe

jZip

Discordia Limited

The application jZip.exe by Discordia Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program jZip by Discordia Limited which is a potentially unwanted software program.
Publisher:
Discordia Limited  (signed and verified)

Product:
jZip

Version:
1.2.0.46695

MD5:
5eb88739c808ae95bf4b87ce9ca93872

SHA-1:
cd73a493e6706d933e55eb10f2ccd5c409a4a8a0

SHA-256:
e7f0e92b9c5b9222cd8a1dee8cfb3ab7e55399aaea723edabf35996c52c998c3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 2:06:59 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Discordia (M)
16.5.10.10

File size:
2.5 MB (2,651,584 bytes)

Product version:
1.2

Copyright:
Copyright (C) 2007 by Discordia Limited

Original file name:
jZip.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\jzip\jzip.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/20/2007 8:00:00 AM

Valid to:
7/12/2008 7:59:59 AM

Subject:
CN=Discordia Limited, OU=SECURE APPLICATION DEVELOPMENT, O=Discordia Limited, L=Limassol, S=Limassol, C=CY

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
11AFC84D429F1051969C3D383A099739

File PE Metadata
Compilation timestamp:
3/31/2008 10:12:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:YH6hF0A88hMlMYqAuKvJxQP+9RUzNgXr:i6PVfDdixK+Y5g

Entry address:
0x17CAFF

Entry point:
E8, D0, C4, 00, 00, E9, 17, FE, FF, FF, 83, 3D, 88, 46, 5E, 00, 00, 74, 15, 68, 88, 46, 5E, 00, E8, B4, BA, 00, 00, 85, C0, 59, 74, 06, FF, 15, 88, 46, 5E, 00, E8, C0, 78, 00, 00, 85, C0, 74, 07, 50, E8, 66, 7A, 00, 00, 59, FF, 74, 24, 04, FF, 15, 40, C3, 5D, 00, CC, 6A, 0C, 68, 80, B3, 62, 00, E8, 1E, 74, 00, 00, E8, 10, 79, 00, 00, 83, 65, FC, 00, FF, 70, 58, FF, 50, 54, 50, E8, A6, FF, FF, FF, 8B, 45, EC, 8B, 08, 8B, 09, 89, 4D, E4, 50, 51, E8, 63, BB, 00, 00, 59, 59, C3, 8B, 65, E8, FF, 75, E4, E8, DF...
 
[+]

Entropy:
6.4061

Code size:
1.9 MB (1,945,600 bytes)

The file jZip.exe has been discovered within the following program.

jZip  by Discordia Limited
Publisher's description - “jZip lets you open files in many archive formats, including the popular RAR format. RAR files are compressed archives, which are files that are designed to store both single and groups of related files while minimizing their memory size to save on storage space.”
www.jzip.com
71% remove it
 
Powered by Should I Remove It?

Remove jZip.exe - Powered by Reason Core Security