recordzilla.exe

Softdiv Software Sdn Bhd

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from doc-10-7k-docs.googleusercontent.com and multiple other hosts.
Publisher:
Softdiv Software Sdn Bhd  (signed and verified)

Description:
Recordzilla Setup

MD5:
d43d3b4c6bd567996a71f383c39743e0

SHA-1:
d955053334172ace208a32f741b6da85ce5c4b31

SHA-256:
a1b6d84d25cc311cc3cd4d3386e1bc4ee3b500458e54a6360a2a56d52525a4cf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:41:34 AM UTC

File size:
15.2 MB (15,893,520 bytes)

Copyright:
Copyright (C) 2001-2017 Softdiv Software Sdn Bhd

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\recordzilla.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/10/2016 1:00:00 AM

Valid to:
5/11/2017 12:59:59 AM

Subject:
CN=Softdiv Software Sdn Bhd, O=Softdiv Software Sdn Bhd, STREET="216, Jalan Permai, Taman Bukit Gambier", L=Gelugor, S=Penang, PostalCode=11700, C=MY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FB76E34BC389BE652FDDCD1CA7C7D2D6

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:1bgHuCuxqMVy5wqZ3S/qYE3mlmsQRgYdp8kWX9RidGaplfpRRnj:1DyX5Y82wsFj3EHfhj

Entry address:
0x98D8

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, EE, 97, FF, FF, E8, F5, A9, FF, FF, E8, 20, CC, FF, FF, E8, 67, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 82, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 38, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 9F, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8...
 

Entropy:
7.9999

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file recordzilla.exe has been seen being distributed by the following 3 URLs.

https://doc-10-7k-docs.googleusercontent.com/docs/securesc/tsbsela7mas4f0160bpi5mcmb5gdm22m/1ae989lbjsut3ia18rsemugqo0aro0vq/1478541600000/.../10239917222326450046/0B8t4KkpwJW6RWk82Q3ljMU5PcmM?e=download

http://netdna.recordzilla.com/recordzilla.exe

http://dw.uptodown.com/dwn/EAHQr9LMRxHYsXqIg3OefxL2b97LpbfvMuT4Hr3qFnJljZpO5kr0lWMenVKfCKDM7OOUkv5z8qZWTerogZa-aG5c4tk8uQEyy-XQeos038E99wvU0zs2I5Z_8pL7jG0E/rA9b3oc98Lw0ElBqjiNsx-kF3LkTWeR6U4KyCb3pTNuPwK2h1D-c0Srw4KL01J4-4ly_OXHNSvwaHNRZCTCiEZMJrNoMcxI1XcMyqDXDPN5cAYFfF2dOVVf0YH30uoaz/FPednSHGxi7zS1H9VNWMFDlNtIWof5o66VJ_AyheqAMNvfbe-5R7r2Bsu0R4RoNkWKkYttOXajHo8IGLmHnW0zN9BmjmQChPwv7_Nmy59smQjuuAoRxCNAJ5n9nmrCto/.../
