home

SnapZip.exe

SnapZip

Capital Intellect Inc

The application SnapZip.exe by Capital Intellect Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SnapZip 2013 by Winferno.com.
Publisher:
Capital Intellect, Inc  (signed by Capital Intellect Inc)

Product:
SnapZip(TM)

Description:
SnapZip

Version:
2013.01.0013

MD5:
eeac3a6904862362a9e3bbbcf5569eb2

SHA-1:
679acb215b948d8a6e7d2b72d904e97aebaeb8ab

SHA-256:
96a32bf54c5cc5ab5483b5a42674f64453bf40163a66c70d008ff227d45d47f5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:41:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.11.9.21

File size:
7.4 MB (7,804,904 bytes)

Product version:
2013.01.0013

Copyright:
Copyright (c) 2000-2012 Capital Intellect Inc. All Rights Reserved.

Trademarks:
SnapZip(TM) Capital Intellect Inc. Copyright (c) 2000-2010 Capital Intellect Inc. All Rights Reserved.

Original file name:
SnapZip.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winferno\snapzip\snapzip.exe

Digital Signature
Signed by:
Capital Intellect Inc

Authority:
VeriSign, Inc.

Valid from:
7/19/2011 7:00:00 PM

Valid to:
7/20/2014 6:59:59 PM

Subject:
CN=Capital Intellect Inc, OU=Winferno Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Capital Intellect Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
197FCA08FE62EEB9A434DA3987E23171

File PE Metadata
Compilation timestamp:
6/21/2012 3:04:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:r26MFfHussPdpkh0vUpsw5VswHev/222kl6DLfhqMCKkwt7PX:1MFfHusb0vUpsw5VswHev/222kl6D97/

Entry address:
0xF434

Entry point:
68, 28, FD, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 38, 00, 00, 00, BA, 89, CD, 20, 47, 53, 6A, 49, 89, D4, 3B, 16, 99, F3, F3, 41, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 44, 2D, 38, 46, 34, 38, 53, 6E, 61, 70, 5A, 69, 70, 00, 53, 6E, 61, 70, 5A, 69, 70, 00, 00, 32, 23, 30, 22, 3B, 20, 22, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 2D, 00, 00, 00, 54, 47, 10, B2, CA, 88, C4, 4E, 87, AE, A4, 4D, 1C, D2, 68, 28, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Entropy:
4.6942

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
860 KB (880,640 bytes)

The file SnapZip.exe has been discovered within the following program.

SnapZip 2013  by Winferno.com
www.Winferno.com
41% remove it
 
Powered by Should I Remove It?

Remove SnapZip.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.