home

SnapZipOutlook.dll

SnapZipOutlook

Capital Intellect Inc

The module SnapZipOutlook.dll by Capital Intellect Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SnapZip 2008 by Winferno.com.
Publisher:
Winferno  (signed by Capital Intellect Inc)

Product:
SnapZipOutlook

Version:
2008.06

MD5:
6d342bb25cafcb931317e1ecfade3917

SHA-1:
9f9f7494772e33ec9ddeee63721f26ac426e2568

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 9:54:17 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.1.9.22

File size:
6.6 MB (6,972,776 bytes)

Product version:
2008.06

Copyright:
Copyright (c) 2000-2007 Capital Intellect Inc. All Rights Reserved.

Trademarks:
SnapZip(TM) Capital Intellect Inc. Copyright (c) 2000-2007 Capital Intellect Inc. All Rights Reserved.

Original file name:
SnapZipOutlook.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\winferno\snapzip\snapzipoutlook.dll

Digital Signature
Signed by:
Capital Intellect Inc

Authority:
VeriSign, Inc.

Valid from:
6/12/2006 8:00:00 PM

Valid to:
7/21/2008 7:59:59 PM

Subject:
CN=Capital Intellect Inc, OU=Winferno Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Capital Intellect Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
58F2516476A2A1A9643E4C242155D17A

Registration
CLSIDs:
{0CE347B0-9FE6-43E8-8A18-47E7F2D64478}, {52EDAD26-E7DF-4553-80E0-7ED349345773}

ProgIDs:
SnapZipOutlook.cnWordZip, SnapZipOutlook.cnCrunch

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/20/2008 10:43:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:OYcnHKyWb1QQmWNQ0s+PzAU+95+61fOxV5aLNOKyWK7+pGMKyWivTfvpyxKyWyMv:OjnHKfNQ0oxE4pOKIMKvxK4W52fk

Entry address:
0x654C

Entry point:
5A, 68, 24, C2, 05, 11, 68, 28, C2, 05, 11, 52, E9, E7, FF, FF, FF, 00, 00, 00, 80, 00, 00, 00, 30, 00, 00, 00, 78, 00, 00, 00, 40, 00, 00, 00, 45, 14, DC, 48, C0, 9B, A7, 42, 8E, 9D, B2, E6, 47, 03, F0, 21, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 90, 47, 5A, 01, 53, 6E, 61, 70, 5A, 69, 70, 4F, 75, 74, 6C, 6F, 6F, 6B, 00, 00, 41, 75, 74, 6F, 6D, 61, 74, 65, 64, 20, 65, 6D, 61, 69, 6C, 20, 63, 6F, 6D, 70, 72, 65, 73, 73, 69, 6F, 6E, 20, 4F, 75, 74, 6C, 6F, 6F, 6B, 20, 61, 64, 64, 69, 6E, 20, 75, 73...
 
[+]

Entropy:
5.9512

Developed / compiled with:
Microsoft Visual Basic v6.0

Code size:
332 KB (339,968 bytes)

Automation Object
CLSID:
{0CE347B0-9FE6-43E8-8A18-47E7F2D64478}

CLSID name:
SnapZipOutlook.cnWordZip


The file SnapZipOutlook.dll has been discovered within the following program.

SnapZip 2008  by Winferno.com
www.Winferno.com
41% remove it
 
Powered by Should I Remove It?

Remove SnapZipOutlook.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.