home

winzip20-update.exe

WinZip

WinZip Computing LLC

Publisher:
WinZip Computing, S.L.  (signed by WinZip Computing LLC)

Product:
WinZip

Description:
WinZip Installer

Version:
1.0.161.1

MD5:
838271cf82257d7e3e5351f39747d907

SHA-1:
477ab3e9c9802a6fb53fc40776ee0f165946120e

SHA-256:
17cdac69327592b2e164db30f1103ef2f41135cab16cdbcbec9c5b74ed82f65e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 9:50:36 PM UTC  (today)

File size:
843.3 KB (863,544 bytes)

Product version:
1.0.161.1

Copyright:
WinZip Computing

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\winzip20-update.exe

Digital Signature
Signed by:
WinZip Computing LLC

Authority:
GlobalSign nv-sa

Valid from:
4/17/2015 3:05:21 PM

Valid to:
4/17/2016 3:05:21 PM

Subject:
E=help@winzip.com, CN=WinZip Computing LLC, OU=IT, O=WinZip Computing LLC, L=Storrs Mansfield, S=CT, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D1D8286B82393399C853E44FF8AA3854

File PE Metadata
Compilation timestamp:
10/30/2015 6:34:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:sCIIVfVj9KS5gPso/J7F6cW95SI4qWzBLbJRNNEF8yqO4viPRyo:SIFKSuVJ7kcO/WlLbnEF8yiIL

Entry address:
0x347AE

Entry point:
E8, 40, C5, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, D8, 75, 46, 00, E8, 8C, 93, 00, 00, E8, A3, 52, 00, 00, 0F, B7, F0, 6A, 02, E8, D3, C4, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 92, BC, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.0303

Code size:
341 KB (349,184 bytes)

The file winzip20-update.exe has been seen being distributed by the following 10 URLs.

http://link.email-winzip.com/u.d?HYGuDQDm8Wytvt85gJB=1

http://link.email-winzip.com/u.d?E4GuDQDmSHytvt85gJB=1

http://link.email-winzip.com/u.d?f4GuDQBDv4ytvt85gJRs=41

http://link.email-winzip.com/u.d?S4GuDQELmXytvt85gJQ-=141

http://link.email-winzip.com/u.d?OYGuDQBA9Uytvt85gJB=1

http://link.email-winzip.com/u.d?GYGuDQEJBWytvt85gJRs=41

http://link.email-winzip.com/u.d?NYGuDQF5FUStvt85gJRs=41

http://link.email-winzip.com/u.d?C4GuDQBE6Oytvt85gJRs=41

http://link.email-winzip.com/u.d?Q4GuDQBEnbStvt85gJQ-=141

http://download.winzip.com/gl/.../winzip20-update.exe

Scan winzip20-update.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.