winzip20-update.exe

WinZip

WinZip Computing LLC

Publisher:
WinZip Computing, S.L.  (signed by WinZip Computing LLC)

Product:
WinZip

Version:
1.0.220.1

MD5:
60d10d4d0233697aa64d25ea22102a80

SHA-1:
7e7440c041c64dcf2c7b74ba7783ba60fe6e3949

SHA-256:
6818e9bb604bdfa141e44721af5572501dbc66af7c4a2aa7e40972ee22f61e1e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 9:42:53 PM UTC  (today)

File size:
689.5 KB (706,016 bytes)

Product version:
1.0.220.1

Copyright:
WinZip Computing

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\winzip20-update.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/17/2015 7:05:21 AM

Valid to:
4/17/2016 7:05:21 AM

Subject:
E=help@winzip.com, CN=WinZip Computing LLC, OU=IT, O=WinZip Computing LLC, L=Storrs Mansfield, S=CT, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D1D8286B82393399C853E44FF8AA3854

File PE Metadata
Compilation timestamp:
12/27/2015 5:58:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:qzvZkpxJWKe7rHkj+bF/2kS7d9PuaIYNVbrzWLjB/LaIRNNEF8yqx4vRjxUY:m4e7rHjhS7TFprzWzEF8y9ZjmY

Entry address:
0x373EE

Entry point:
E8, B0, C5, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, A8, 46, 00, E8, FC, 93, 00, 00, E8, 13, 53, 00, 00, 0F, B7, F0, 6A, 02, E8, 43, C5, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 02, BD, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.1549

Code size:
353.5 KB (361,984 bytes)

The file winzip20-update.exe has been seen being distributed by the following 21 URLs.

http://link.email-winzip.com/u.d?O4GuTxwwuJytvt86jQVt-=2801

http://link.email-winzip.com/u.d?aYGuSiZjZhStvt87NJVt-=2801

http://link.email-winzip.com/u.d?E4GuSiZSNhytvt87NJVt7=2811

https://www.google.com/url?hl=fr&q=http://.../u.d?C4GuTxAFalytvt86jXVt-=2801&source=gmail&ust=1465071710279000&usg=AFQjCNEthLhmicDc2ZlYUAD9YMZLSsXRDw

http://link.email-winzip.com/u.d?A4GuSjk7lDStvt87NJVt-=2801

https://www.google.com/url?hl=it&q=http://.../u.d?G4GuTxAGEnStvt86jS1t-=2801&source=gmail&ust=1467389557455000&usg=AFQjCNHWYck3S_qC-coTj7dln3-WPIwF-A

https://www.google.com/url?hl=en&q=http://.../u.d?cYGuSiefwHytvt87NJVt-=2801&source=gmail&ust=1464952154650000&usg=AFQjCNEVrYoGPteldq5sHDOEhzXTlrW4Yg

http://link.email-winzip.com/u.d?PYGuSiZSj9ytvt87NJVt-=2801

http://link.email-winzip.com/u.d?KYGuTxxLoBStvt86jXVt-=2801

http://link.email-winzip.com/u.d?H4GuSiZgr4ytvt87NJVt-=2801

https://www.google.com/url?hl=en&q=http://.../u.d?c4GuSiej6pytvt87NJVt-=2801&source=gmail&ust=1463779936982000&usg=AFQjCNFRtxKTJx-bk4deLyyJhA5FbvK1Lg

http://link.email-winzip.com/u.d?B4GuTxxCsxStvt86jXVt-=2801

http://link.email-winzip.com/u.d?I4GuSiecP7ytvt87NJVt-=2801

Scan winzip20-update.exe - Powered by Reason Core Security