home

tzagdemo.exe

PackageForTheWeb Stub

InstallShield Software Corporation

The program is a setup application that uses the InstallShield Setup installer. The file has been seen being downloaded from download.fileplanet.com.
Publisher:
InstallShield Software Corporation

Product:
PackageForTheWeb Stub

Version:
2.02.001

MD5:
144c8d8e39f7ceb00a15eb604b29686a

SHA-1:
7ab3965f1a3e3d8dd909ebc8002930c6ac5c9a48

SHA-256:
277b5430ca984d064002de54b9bc9b0d0911686f3faae1238c32c1e2f8007e8f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:12:48 AM UTC  (today)

File size:
14.4 MB (15,102,794 bytes)

Product version:
2.02.001

Copyright:
Copyright © 1996 InstallShield Software Corporation

Original file name:
STUB32.EXE

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Common path:
C:\users\{user}\downloads\tzagdemo.exe

File PE Metadata
Compilation timestamp:
3/26/1998 4:31:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
393216:EtBKzGLxWwJG7HrtpGqIQngTH8Rl5qzfUxpNuf:Kxa7Vn08Rl5bgf

Entry address:
0xC110

Entry point:
60, 0F, AF, F3, 18, EC, 81, FD, 1C, 15, 00, 00, 74, 04, F3, C6, C0, 47, C6, C1, 88, 80, F7, 1C, 87, EE, 8B, DF, 81, F6, 62, 93, 15, 5C, F7, C7, 2F, D3, 00, 27, 68, 2C, 8B, E9, 00, 4A, 69, EE, C6, 2F, 5C, 3D, E8, AE, 00, 00, 00, 0A, C7, FE, C7, 85, C5, 23, D3, 21, C1, F2, 0F, AF, D9, F2, 8D, 15, 10, E6, 09, DD, 68, 7D, E3, 01, 00, 87, C8, 0F, AF, C7, 5F, 74, 02, FF, C8, 81, F7, E3, E2, 00, 00, 0C, 1A, 19, EA, 0F, C1, FD, 0F, B7, D9, 0F, AF, D8, 81, ED, 5F, 07, 00, 00, 88, EB, 3D, FB, 73, 8F, 01, B8, 8D, 69...
 
[+]

Entropy:
7.9980  (probably packed)

Code size:
67.5 KB (69,120 bytes)

The file tzagdemo.exe has been seen being distributed by the following URL.

http://download.fileplanet.com/ftp1/gamedemos/.../tzagdemo.exe

Scan tzagdemo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.