winzip19es.exe

WinZip Computing LLC

Publisher:
WinZip Computing LLC  (signed and verified)

MD5:
dfdb494c2dc23b270c177277ac82a973

SHA-1:
3060b19352cf07fef692fc4c30669ff179ddb6b7

SHA-256:
3bf402a9dabfd9519c64bfe835170fafae981950008ccf3dd735cf01fbfb9e4b

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 7:43:00 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.InstallCore.62
9.0.1.05190

File size:
861.3 KB (881,984 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\winzip19es.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
2/7/2015 9:00:00 PM

Valid to:
12/9/2015 9:00:00 AM

Subject:
CN=WinZip Computing LLC, O=WinZip Computing LLC, S=Connecticut, L=Mansfield, C=US, SERIALNUMBER=3952106, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07D6D1C205EA8F9307404B7DE7AD6A55

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:cLry0a58aPAG7EhUetccoT1AFqNwgLqCdF3T1PpMMMO:cq7fPAcEYAFqGgLqCr3T1Pp9

Entry address:
0x9C40

Entry point:
FF, 8B, 55, DC, 58, E8, 3A, 91, FF, FF, 8B, 55, F0, B9, 40, B2, 40, 00, A1, 3C, CE, 40, 00, E8, D0, F7, FF, FF, 83, 3D, 3C, B2, 40, 00, FF, 74, 0A, A1, 3C, B2, 40, 00, E8, 9D, F6, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 87, A2, 40, 00, A1, 28, CE, 40, 00, E8, 26, 87, FF, FF, 83, 3D, 3C, CE, 40, 00, 00, 74, 19, 6A, 32, 68, FA, 00, 00, 00, B9, 0D, 00, 00, 00, 8B, 15, 3C, CE, 40, 00, 33, C0, E8, B8, F2, FF, FF, 83, 3D, 34, CE, 40, 00, 00, 74, 10, A1, 34, CE, 40, 00, E8, E1, 91, FF, FF, 50, E8, 83, A2, FF...
 
[+]

Code size:
37 KB (37,888 bytes)

Scan winzip19es.exe - Powered by Reason Core Security