wzUninstall.exe

WinZipper

Yang Liu

The application wzUninstall.exe, “Winziper uninstall application” by Yang Liu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program WinZip by Winzipper Pvt Ltd..
Publisher:
Winziper Pvt Ltd.  (signed by Yang Liu)

Product:
WinZipper

Description:
Winziper uninstall application

Version:
2.2.28.0

MD5:
9b3de05e66e771ff52ffbf30301527a8

SHA-1:
b3c512caf3b3423548232849359565fb39103f79

SHA-256:
8882161c55d2191510b54dd294866d55bd219df47668cf501fa512cf08390588

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 4:10:36 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Winzipper (M)
16.11.16.5

File size:
2.1 MB (2,172,976 bytes)

Product version:
2.2.28.0

Copyright:
Copyright (c) 2015 Winziper Pvt Ltd. All Rights Reserved.

Original file name:
wzUninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winzipper\wzuninstall.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
8/25/2016 12:00:00 AM

Valid to:
11/25/2016 11:59:59 PM

Subject:
CN=Yang Liu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5B9AC0E738D05D822B857836B502792E

File PE Metadata
Compilation timestamp:
7/19/2016 2:27:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:Jp3Ks2b2TTPje0yjjIKqerjDhKkAZTIsSunHY8:T3KATG3BJAZTIiHY

Entry address:
0x83A2D

Entry point:
E8, 28, 75, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 16, 77, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 20, 96, 4E, 00, FF, 15, 38, 92, 4A, 00, 85, C0, 75, 18, 56, E8, 9D, 22, 00, 00, 8B, F0, FF, 15, 58, 92, 4A, 00, 50, E8, A2, 22, 00, 00, 59, 89, 06, 5E, 5D, C3, 55, 8B, EC, 56, 8B, 75, 0C, 57, 33, FF, 85, F6, 74, 1B, 6A, E0, 33, D2, 58, F7, F6, 3B, 45, 10, 73, 0F, E8, 6A, 22, 00, 00, C7, 00, 0C...
 
[+]

Code size:
670 KB (686,080 bytes)

Program Uninstaller
Program name:
WinZip

Display publisher:
Winzipper Pvt Ltd.

Display version:
2.3.1

Uninstall string:
C:\Program Files\WinZipper\wzUninstall.exe


Remove wzUninstall.exe - Powered by Reason Core Security