» OZIPUninstall.exe
Overview
Analysis
File Details
Behaviors (1)

OZIPUninstall.exe

OZIPUninstall

Hongkong zoekyu Technology Limited

The application OZIPUninstall.exe by Hongkong zoekyu Technology Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program OZIP 1.3.36 by Zoekyu Technology Limited.

File name:

OZIPUninstall.exe

Publisher:

Zoekyu Technology Limited (signed by Hongkong zoekyu Technology Limited)

Product:

OZIPUninstall

Version:

1.3.16.0

MD5:

d4a79242e4e4289c787428b5bfa52848

SHA-1:

187b985337feb91d397e560000a77673c27d2105

SHA-256:

a2f812ef2d1746d09501b1cde7c2d78a01c173b11403cb822de96dc97913db2d

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

2/24/2025 10:32:37 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Yessearches.Hongkong.Installer.Meta (M)

16.5.12.19

File size:

3.2 MB (3,330,136 bytes)

Product version:

1.3.16.0

Original file name:

OZIPUninstall.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ozip\ozipuninstall.exe

Digital Signature

Signed by:

Hongkong zoekyu Technology Limited

Authority:

GlobalSign nv-sa

Valid from:

8/31/2015 12:52:51 PM

Valid to:

8/31/2016 12:52:51 PM

Subject:

CN=Hongkong zoekyu Technology Limited, O=Hongkong zoekyu Technology Limited, L=香港, S=香港, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A7482C0A326B72D75AEE1323E44001AB

File PE Metadata

Compilation timestamp:

1/21/2016 8:00:40 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

98304:boM8foMgLQ+j2XZ0b5UyPKlgHwjNFLOAkGkzdnEVomFHKnPT9v:jMhi2mKlgH+NFLOyomFHKnPTF

Entry address:

0x130567

Entry point:

E8, 0E, 7A, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 50, E0, 5A, 00, 75, 02, F3, C3, E9, C9, 0D, 00, 00, 55, 8B, EC, 8B, 45, 14, 56, 85, C0, 74, 3C, 83, 7D, 08, 00, 75, 13, E8, D7, 32, 00, 00, 6A, 16, 5E, 89, 30, E8, B9, 80, 00, 00, 8B, C6, EB, 25, 83, 7D, 10, 00, 74, E7, 39, 45, 0C, 73, 09, E8, B9, 32, 00, 00, 6A, 22, EB, E0, 50, FF, 75, 10, FF, 75, 08, E8, 8C, 00, 00, 00, 83, C4, 0C, 33, C0, 5E, 5D, C3, 55, 8B, EC, FF, 75, 0C, 6A, 00, FF, 75, 08, 68, E3, 87, 53, 00, E8, 05, 00, 00, 00, 83, C4, 10, 5D, C3, 55... 
[+]

Code size:

1.3 MB (1,406,464 bytes)

Program Uninstaller

Program name:

OZIP 1.3.36

Display publisher:

Zoekyu Technology Limited

Display version:

1.3.36

Uninstall string:

C:\Program Files\OZIP\OZIPUninstall.exe

Remove OZIPUninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.