wz19-mf.exe

WinZip Computing LLC

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from d.winzipsuperbfiles.com and multiple other hosts.
Publisher:
WinZip  (signed by WinZip Computing LLC)

Product:
WinZip

Version:
1.0.5.a0.1_37199

MD5:
7c021272e0cf64e172be1cced771c7a2

SHA-1:
012bcb904a06dbac27465c646e27fd016bec6043

SHA-256:
c919b9cda9af9d4383742dddfbf288df5ee9bb67c3cde669bab8a4894537e983

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 7:38:54 PM UTC  (today)

File size:
1 MB (1,080,488 bytes)

Product version:
1.0.5.a0.1_37199

Copyright:
WinZip

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\wz19-mf.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
2/10/2015 6:50:10 PM

Valid to:
2/11/2016 6:50:10 PM

Subject:
CN=WinZip Computing LLC, O=WinZip Computing LLC, S=Connecticut, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213AC849B929DBABC960315B5B9070927F

File PE Metadata
Compilation timestamp:
6/20/1992 4:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:kmJa7dm5K5c/WVHvy3NGwbIqWlWOJKyUpNUYPpLShl7uK:kMGA2PEN+txBYPshf

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.8926

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file wz19-mf.exe has been seen being distributed by the following 50 URLs.

http://d.winzipsuperbfiles.com/c?fallback_url=http://download.winzip.com/winzip190.exe&x=e9u5sqVkWQWlZm8CuNY/.../g3vNh5WO6JPUjZP6VxfFKHWkx2IU6w==

http://cdn.winzipdelivery.com/c?fallback_url= &x=FlmjfsDbcllf9m7cjqwLQouAIGpXDeQJVtjrWHrLSWw=&downloadAs=wz19-mf.exe&c=4yc58Me6VuvWTKWrknn7hCjYsOHRULCPG/.../lU1sutA4vw99caUptRG6m9qLENXCZjg==

http://cdn.winzipdelivery.com/c?fallback_url= &x=gPKJpUIfwcnNfjiPzBDsmZGQ OMU8i l7qOXSjBTJyE=&downloadAs=wz19-mf.exe&c=S9Mv0Js3HxbSElaiVSytx69uAxqqgsVkEY MhhCiWQyf6n8Njuj0RYrED4dpt7sCvFtf5CsyvUGXvFTuNt4JFw==

http://cdn.winzipdelivery.com/c?fallback_url= &x=CHS7UTVFenI8pLOPPutcYPJMzIdrJtZ2XWHOJ3IyrhM=&downloadAs=wz19-mf.exe&c=mmtOiG qV7t9bRkWQBxR6unDL0JD76PZoE2urH5NnVP9 YBwmbOcQHWjWP82JqP6NUvfM7iLkG4EJPftnUFfKg==

http://cdn.winzipdelivery.com/c?fallback_url= &x=koKfcoG2tPq5cUa2uZvO8MOrt9vbUt oBjXfUBiB pg=&downloadAs=wz19-mf.exe&c=MEbtMa1l3fDcCfn/bmxwNKW4 ufu5ba7GNW1aOfOfopRqcQTDHhe8kKHnQZXP/.../BfEnRTzVdZgvA==

http://cdn.winzipdelivery.com/c?fallback_url= &x=SmFNtrTfbEgqQD3KFwYrpoy3LVeNo GntTaykRfl1ko=&downloadAs=wz19-mf.exe&c=9T4zJWwwPDAlXUFYouGVgWmKYOyzOdGqkDCq2RBeI7YWCtRCoOSNmxGp9QBOyrAqt8Ozof5BD2sezElGnndB7Q==

http://cdn.winzipdelivery.com/c?fallback_url= &x=HCughi9n /5/.../igNspHQ==

http://d.winzipsuperbfiles.com/c?fallback_url=http://.../winzip190.exe&x=xl9Gt1vyZ2krLrFKAx7rchGBeuPuJkThJ6ApmOuc4RI=&downloadAs=wz19-mf.exe&c=xfWRwXzNjFST109x nPj4UFrS6o7PTXpqA pXv4YXs1k sf3GmkdBgcwQtiQnPARF9W YOVRlJjS227BMqsBIg==

http://cdn.winziprepository.com/c?fallback_url= &x=G6rhQzjFKL39okDpo3n8jye4XwyQ3XrqdEqUzbQPv4c=&downloadAs=wz19-mf.exe&c=ukPSWei6CMovFZnRHv1 Bj/wTzhH/.../gwRGaULInyyw==

http://cdn.winzipdelivery.com/c?fallback_url= &x=yi03qZTADQ1P5CG3GBqeJ45ne/H/qTGVNEib4KFKGvA=&downloadAs=wz19-mf.exe&c=Vl mhazMpySM32d/.../TjQz ZyEHZmWWOOrjTf1cKzUBjxekg==

http://cdn.winzipdelivery.com/.../uvG4uS7DZE4Op2df4O61IpHqpc9Y=&downloadAs=wz19-mf.exe&c=z3bNUBZ X DBsHAhKJQ0j1kwE4Ycrwq6CYX2aWLmwvYTGPeKxLpxPLFHr1E3QVlDNan6E4s3snNeoFJIhjhS2Q==

http://cdn.winzipdelivery.com/.../5zx8mj7Voc=&downloadAs=wz19-mf.exe&c=VnUmglyf3o7yzBBcQ8KngqF9XAr0Cl5fmcR2unHl7dhaUzdNRFqyZLXiabUvXOrE8Jy7NVCZKy4sG2zqRAvB0w==

http://cdn.winzipdelivery.com/c?fallback_url= &x=Ns5YTE/.../Xfd45IRFXPS8Hj6zB1EiGgT56Ba8PVaZt7D8GRTx15XhLvGEuWb31ntyXEc g8oxjA==

http://d.winzipsuperbfiles.com/c?fallback_url= &x=mgRXWo2UNPFCbxYUlF5XpRQk6zp3UH5RFzM1K7X6riU=&downloadAs=wz19-mf.exe&c=zQYRhRncKekYPekqQ4zxMK9BoMbJ TOZifRnXJVzVs6RPkwixOP0UUpkjPziLCbDkkW2Shifle7QndyjzE9OAA==

http://cdn.winzipdelivery.com/c?fallback_url= &x=V77lBar9hDbmkYwWGO8uj94Mro/.../El5I794NAbal3myNAr3nAq4vhMrkSnQ==

http://cdn.winzipdelivery.com/.../kh6KMavUzGH2qxz7WZTIJct9V1sM=&downloadAs=wz19-mf.exe&c=U53b5bm2dNoMCdFzPCxEoonEpuVSu U1IzWSbmEnr1xfh sWls2z ZS RA4NIxOAxrCnlZrGx9EGBAuIKdidpw==

http://cdn.winzipdelivery.com/c?fallback_url= &x=Snt5WnMfwqajiH4EaO1wMToQKfDuUFqU1udOuZobh9Q=&downloadAs=wz19-mf.exe&c=KV5c5z0GZ1JwkTc9QwEfTeauUvKQZoKGybmAB3CFn0EoxiGm5m5oHUrQWk4zcArZRLwE8aCYzZyLeLiRZJwCWQ==

http://cdn.winzipdelivery.com/c?fallback_url= &x=VJ9YUZt44c2/Z5Dq4bcmUCr4V iw3KzXiKQmH5T/JIs=&downloadAs=wz19-mf.exe&c=rsTn0/.../oIjEuKEv0iQIEeNzHE7L5xX3aEty2RgIa8FdaW5YTdPt7bSxSIM8auy7cME v7OyIO2wambA==

http://d.winziplivefiles.com/c?fallback_url=http://.../winzip190.exe&x=nawn XThRsFZriliVXD4CxnHjd76Xcd 4z3En8uI16E=&downloadAs=wz19-mf.exe&c=BhiCkhY1EjrOfhtTmT0lidF1Pc33AIx2 0eTnM2tyHYzK ycFjUmqGKtiYVbSH62wo4nB4PIXdxDbrFF2EF1xA==

Latest 30 of 54 download URLs

Scan wz19-mf.exe - Powered by Reason Core Security