home

speedzooka.exe

SpeedZooka

Zookaware, LLC.

The application speedzooka.exe by Zookaware has been detected as a potentially unwanted program by 2 anti-malware scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘SpeedZooka’.
Publisher:
ZookaWare  (signed by Zookaware, LLC.)

Product:
SpeedZooka

Version:
4.56.18.2064

MD5:
2629ec1aa4e265f3a0cbc1981fda2d94

SHA-1:
a4c2b23658dd0a5f3be2e9eebe61f1a2baea8023

SHA-256:
f3bf5d0fbe1c16693c6ce24c0475258271defbd6f27a5909d1ed5bfa07bfbb75

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 4:32:55 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Adware.RegGenie (variant)
9.10370

Reason Heuristics
PUP.Optional.Zookaware.Startup
15.12.19.16

File size:
32.2 MB (33,732,408 bytes)

Product version:
4.44.11.636

Copyright:
© ZookaWare All rights reserved

Trademarks:
SpeedZooka

Original file name:
SpeedZooka

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\speedzooka\speedzooka.exe

Digital Signature
Signed by:
Zookaware, LLC.

Authority:
Symantec Corporation

Valid from:
8/29/2014 5:00:00 PM

Valid to:
8/29/2017 4:59:59 PM

Subject:
CN="Zookaware, LLC.", O="Zookaware, LLC.", L=Anchorage, S=Alaska, C=US, SERIALNUMBER=10007133, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Alaska, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
667978587A1B16965ABBDEF8C3BB6F5B

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:lvJnbLqWiMwe4BRbQrmN0CF4CMkNLDjFWB0NkbUqgZHgqGdwNaxZUHbOifFHhOV9:5JbLqrMweVrmNAIvPp1iuBHgd

Entry address:
0x4DB0B4

Entry point:
55, 8B, EC, 83, C4, E4, 53, 56, 57, 33, C0, 89, 45, E8, 89, 45, E4, 89, 45, EC, B8, 6C, 9E, 8D, 00, E8, 2E, CA, B2, FF, 33, C0, 55, 68, 85, B3, 8D, 00, 64, FF, 30, 64, 89, 20, 68, 94, B3, 8D, 00, 6A, FF, 6A, 00, E8, D6, D0, B2, FF, 8B, F0, 85, F6, 0F, 84, 72, 02, 00, 00, E8, 2F, D3, B2, FF, 85, C0, 0F, 85, 65, 02, 00, 00, B8, A8, B3, 8D, 00, E8, 4D, CC, D4, FF, 6A, 00, 68, BC, B3, 8D, 00, E8, 49, DD, B2, FF, 85, C0, 0F, 97, C3, 6A, 00, 68, C8, B3, 8D, 00, E8, 38, DD, B2, FF, 85, C0, 74, 0F, 84, DB, 75, 0B...
 
[+]

Entropy:
5.9949

Developed / compiled with:
Microsoft Visual C++

Code size:
4.9 MB (5,088,768 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SpeedZooka

Command:
"C:\Program Files\speedzooka\speedzooka.exe"


Remove speedzooka.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.