home

z80simulatoride.exe

Z80 Simulator IDE

Oshon Software

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-00-0c-docs.googleusercontent.com.
Publisher:
Oshon Software

Product:
Z80 Simulator IDE

Version:
9.55

MD5:
dc317845131e8083dee4233a8dd1060d

SHA-1:
26094642fef3e7588eb10f979c2e68039fcd1faa

SHA-256:
52752a98118d2cc374c85dce04511613015812a0e4a88906d8b217d9149db03e

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/4/2024 5:10:51 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

VIPRE Antivirus
Trojan.Crypt.XPACK.Gen
46678

File size:
1.2 MB (1,265,664 bytes)

Product version:
9.55

Original file name:
z80simulatoride.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\z80simulatoride.exe

File PE Metadata
Compilation timestamp:
3/23/2007 12:33:47 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:5nXDP7Hzpn/4R1GQDyKgqLhPgso+o49+Gb8wBLowyRIzL7Do8l+u37fHRtpGkjdA:cR/DEe0Y

Entry address:
0x5D24

Entry point:
68, 84, 63, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 23, 5F, 31, 9F, 20, 55, C4, 4B, 87, 06, 33, 97, E5, C3, 2E, 6E, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 31, 44, 32, 2D, 42, 45, 7A, 38, 30, 73, 69, 6D, 75, 6C, 61, 74, 6F, 72, 69, 64, 65, 00, 00, 31, 2E, 30, 23, 30, 23, 43, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 2F, 00, 00, 00, 3D, F7, 42, D9, 72, 32, EA, 4A, BE, F0, DB, 49, 07, 45, 9B, 5A, 01, 00, 00, 00, 98, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.2 MB (1,249,280 bytes)

The file z80simulatoride.exe has been seen being distributed by the following URL.

https://doc-00-0c-docs.googleusercontent.com/docs/securesc/oucibcvl5hf4cecho5m9pilrjsv8nb4u/vm6lvjrsa7m1crmihdla8boj8icfobat/1463508000000/17906487766928920494/.../0BxJv1Jm4atSRbnkxMjNhOVZuVEU?e=download

Scan z80simulatoride.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.