home

z_equiv.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.ugr.es.
MD5:
3200c6b7711f16265c8bc5cd055273fa

SHA-1:
5282777e325db1defaaded9848af7c69fbb7942f

SHA-256:
0ef3301b601f0d445df7d0ba11854566102f4c70a39399cdc7f8f4b3136167be

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 10:19:57 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0405
7.2.203

File size:
64 KB (65,517 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\z_equiv.exe

File PE Metadata
Compilation timestamp:
12/20/2021 8:58:32 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
1536:0N1P6Q58pWYLg2XgLFiNrLLdByQ+YK9p6GydT:k1SQsY5iNrLLdBy/+1

Entry address:
0x10000

Entry point:
A1, 59, 00, 42, 00, C1, E0, 02, A3, 5D, 00, 42, 00, 57, 51, 33, C0, BF, 40, 25, 42, 00, B9, D4, 29, 42, 00, 3B, CF, 76, 05, 2B, CF, FC, F3, AA, 59, 5F, 64, 67, 8B, 16, 04, 00, 8B, 42, F8, A3, 61, 00, 42, 00, 8B, 42, FC, A3, 65, 00, 42, 00, 83, EA, 04, 89, 15, AC, 25, 42, 00, 83, EA, 04, 3B, D4, 73, 02, 8B, E2, 6A, 00, E8, 12, 22, 00, 00, 59, 68, 2C, 00, 42, 00, 6A, 00, E8, 75, 93, 00, 00, A3, 6A, 00, 42, 00, 6A, 00, E9, DE, 5F, 00, 00, E9, AD, 22, 00, 00, 00, 55, 8B, EC, 8D, 45, 0C, 50, 8B, 45, 08, 50, 6A...
 
[+]

Code size:
37.5 KB (38,400 bytes)

The file z_equiv.exe has been seen being distributed by the following URL.

http://www.ugr.es/local/.../Z_EQUIV.EXE

Scan z_equiv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.