» winzip19es.exe
Overview
Analysis
File Details

winzip19es.exe

WinZip Computing LLC

File name:

winzip19es.exe

Publisher:

WinZip Computing LLC (signed and verified)

MD5:

dfdb494c2dc23b270c177277ac82a973

SHA-1:

3060b19352cf07fef692fc4c30669ff179ddb6b7

SHA-256:

3bf402a9dabfd9519c64bfe835170fafae981950008ccf3dd735cf01fbfb9e4b

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/23/2024 7:43:00 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Trojan.InstallCore.62

9.0.1.05190

File size:

861.3 KB (881,984 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\winzip19es.exe

Digital Signature

Signed by:

WinZip Computing LLC

Authority:

DigiCert Inc

Valid from:

2/7/2015 9:00:00 PM

Valid to:

12/9/2015 9:00:00 AM

Subject:

CN=WinZip Computing LLC, O=WinZip Computing LLC, S=Connecticut, L=Mansfield, C=US, SERIALNUMBER=3952106, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

07D6D1C205EA8F9307404B7DE7AD6A55

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:cLry0a58aPAG7EhUetccoT1AFqNwgLqCdF3T1PpMMMO:cq7fPAcEYAFqGgLqCr3T1Pp9

Entry address:

0x9C40

Entry point:

FF, 8B, 55, DC, 58, E8, 3A, 91, FF, FF, 8B, 55, F0, B9, 40, B2, 40, 00, A1, 3C, CE, 40, 00, E8, D0, F7, FF, FF, 83, 3D, 3C, B2, 40, 00, FF, 74, 0A, A1, 3C, B2, 40, 00, E8, 9D, F6, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 87, A2, 40, 00, A1, 28, CE, 40, 00, E8, 26, 87, FF, FF, 83, 3D, 3C, CE, 40, 00, 00, 74, 19, 6A, 32, 68, FA, 00, 00, 00, B9, 0D, 00, 00, 00, 8B, 15, 3C, CE, 40, 00, 33, C0, E8, B8, F2, FF, FF, 83, 3D, 34, CE, 40, 00, 00, 74, 10, A1, 34, CE, 40, 00, E8, E1, 91, FF, FF, 50, E8, 83, A2, FF... 
[+]

Code size:

37 KB (37,888 bytes)

Scan winzip19es.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.