wzUninstall.exe

WinZipper

Yang Liu

The application wzUninstall.exe, “Winziper uninstall application” by Yang Liu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program WinZip by Winzipper Pvt Ltd..
Publisher:
Winziper Pvt Ltd.  (signed by Yang Liu)

Product:
WinZipper

Description:
Winziper uninstall application

Version:
2.2.28.0

MD5:
631b0fe07d3add3f332b09a05ef69c2a

SHA-1:
8e29cbb6d5acbd8faaae9e5b6e337793a98e40e8

SHA-256:
0eb799cd7e079020d43a03c6da034a78f7732cf45f03c9257447bea12951aea8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 3:53:56 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Winzipper (M)
16.11.28.4

File size:
3.1 MB (3,291,184 bytes)

Product version:
2.2.28.0

Copyright:
Copyright (c) 2015 Winziper Pvt Ltd. All Rights Reserved.

Original file name:
wzUninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winzipper\wzuninstall.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
8/25/2016 12:00:00 AM

Valid to:
11/25/2016 11:59:59 PM

Subject:
CN=Yang Liu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5B9AC0E738D05D822B857836B502792E

File PE Metadata
Compilation timestamp:
7/19/2016 2:27:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:Jp3Ks2b2TTPje0yjjIKqerjDhKkAZTIsSunHY8:T3KATG3BJAZTIiHY

Entry address:
0x83A2D

Entry point:
E8, 28, 75, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 16, 77, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 20, 96, 4E, 00, FF, 15, 38, 92, 4A, 00, 85, C0, 75, 18, 56, E8, 9D, 22, 00, 00, 8B, F0, FF, 15, 58, 92, 4A, 00, 50, E8, A2, 22, 00, 00, 59, 89, 06, 5E, 5D, C3, 55, 8B, EC, 56, 8B, 75, 0C, 57, 33, FF, 85, F6, 74, 1B, 6A, E0, 33, D2, 58, F7, F6, 3B, 45, 10, 73, 0F, E8, 6A, 22, 00, 00, C7, 00, 0C...
 
[+]

Code size:
670 KB (686,080 bytes)

Program Uninstaller
Program name:
WinZip

Display publisher:
Winzipper Pvt Ltd.

Display version:
2.3.1

Uninstall string:
C:\Program Files\WinZipper\wzUninstall.exe


Remove wzUninstall.exe - Powered by Reason Core Security