wzUninstall.exe

WinZipper

Yang Liu

The application wzUninstall.exe, “Winzipper uninstall application” by Yang Liu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program WinZip by Winzipper Pvt Ltd..
Publisher:
Winzipper Pvt Ltd.  (signed by Yang Liu)

Product:
WinZipper

Description:
Winzipper uninstall application

Version:
2.0.0.1

MD5:
5417065a7ca41214ac6fef3dcfd2deb4

SHA-1:
36e438f0c905209d66b789a0cffebab31ae9efcc

SHA-256:
db75cdfd42c02ded98e0304c10fa0341a1d3f9982380ac7e8e52be67314e19df

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 3:14:54 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Elex.Winzipper (M)
16.11.17.11

File size:
1 MB (1,075,352 bytes)

Product version:
2.0.0.1

Copyright:
Copyright (c) 2015 Winzipper Pvt Ltd. All Rights Reserved.

Original file name:
wzUninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winzipper\wzuninstall.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
4/5/2016 2:00:00 AM

Valid to:
11/26/2016 12:59:59 AM

Subject:
CN=Yang Liu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6AB373564FDD3D50C7155164C5D7A5E9

File PE Metadata
Compilation timestamp:
3/28/2016 5:32:16 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:6J40q0FAajRQ3yEJi6gCKMt4RADqgb/9TKwtqOt7x8yv:6TFl+mRa1TKwUOtSyv

Entry address:
0x85566

Entry point:
E8, EE, 65, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 75, 13, E8, 18, 2C, 00, 00, 6A, 16, 5E, 89, 30, E8, EE, 39, 00, 00, 8B, C6, EB, 24, 68, 80, 00, 00, 00, FF, 75, 10, FF, 75, 0C, E8, 17, 00, 00, 00, 83, C4, 0C, 89, 06, 85, C0, 74, 04, 33, C0, EB, 07, E8, E8, 2B, 00, 00, 8B, 00, 5E, 5D, C3, 6A, 0C, 68, E8, B4, 4D, 00, E8, 9F, 49, 00, 00, 33, C9, 89, 4D, E4, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 17, E8, BF, 2B, 00, 00, C7, 00, 16, 00, 00, 00, E8, 94, 39, 00, 00, 33, C0...
 
[+]

Code size:
681.5 KB (697,856 bytes)

Program Uninstaller
Program name:
WinZip

Display publisher:
Winzipper Pvt Ltd.

Display version:
2.0.16

Uninstall string:
C:\Program Files (x86)\WinZipper\wzUninstall.exe


Remove wzUninstall.exe - Powered by Reason Core Security