stopzillaavm_setup.exe

SZSetup Application

IS3, INC.

This is a self-extracting archive and installer. The file has been seen being downloaded from downloader.stopzilla.com.
Publisher:
IS3, INC.  (signed and verified)

Product:
SZSetup Application

Description:
STOPzilla Setup

Version:
6.5.0.6

MD5:
5d1c141bf09dc74391c9c4039e95fe52

SHA-1:
f2059549c4131e6abed4d0726258db90e7264c2d

SHA-256:
4c3b70d99d886e3d626378ace3083b0c351b87c3ba30efffcc27bceb209bbd26

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:23:52 AM UTC  (today)

File size:
2 MB (2,124,528 bytes)

Product version:
6.5.0.6

Copyright:
Copyright © 1994-2015 iS3, Inc.

Original file name:
SZSetup.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\stopzillaavm_setup.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
4/17/2015 4:00:00 AM

Valid to:
5/17/2018 3:59:59 AM

Subject:
CN="IS3, INC.", O="IS3, INC.", L=Boca Raton, S=Florida, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
6A60E39230DD686ADDC9991DB7CECEEF

File PE Metadata
Compilation timestamp:
6/23/2015 6:51:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:nPizuc20+HGeakl+5wS4OQMRa5WXsseGVfLG9KcoVf0:nguc20+me1+5wS4OQMRG2DNhLG9Kc

Entry address:
0x13775F

Entry point:
E8, B7, 9B, 00, 00, E9, 7F, FE, FF, FF, 56, 6A, 04, 6A, 20, E8, 2A, A1, 00, 00, 59, 59, 8B, F0, 56, FF, 15, F4, 92, 56, 00, A3, 10, 58, 5D, 00, A3, 0C, 58, 5D, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 0C, 68, 18, 1D, 5C, 00, E8, CC, 4D, 00, 00, 83, 65, E4, 00, E8, EF, 69, 00, 00, 83, 65, FC, 00, FF, 75, 08, E8, 23, 00, 00, 00, 59, 8B, F0, 89, 75, E4, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 8B, C6, E8, E3, 4D, 00, 00, C3, 8B, 75, E4, E8, CA, 69, 00, 00, C3, 55, 8B, EC...
 
[+]

Code size:
1.4 MB (1,474,048 bytes)

The file stopzillaavm_setup.exe has been seen being distributed by the following URL.

Scan stopzillaavm_setup.exe - Powered by Reason Core Security