zam.exe

AntiMalware

Zemana Ltd.

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “ZAM Controller Service”. The file has been seen being downloaded from dl9.zemanaltd.netdna-cdn.com.
Publisher:
Zemana Ltd.  (signed and verified)

Product:
AntiMalware

Description:
Zemana AntiMalware

Version:
2.1.1.929

MD5:
2ccef7a7b2aa0ffe40d8a892a92f63df

SHA-1:
7ef6f312ef127970c6d0ad5e3a719a0017cc1843

SHA-256:
8f78878adc7ba2253d858f32ce978dbe6301547fc4bde74d2044fdd7181b76c3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 9:45:47 AM UTC  (today)

File size:
9.3 MB (9,728,368 bytes)

Product version:
2.1.1.929

Copyright:
Zemana Ltd. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\zemana antimalware\zam.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
12/16/2014 2:00:00 AM

Valid to:
12/20/2017 2:00:00 PM

Subject:
CN=Zemana Ltd., O=Zemana Ltd., L=Edirne, C=TR

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0210230FD364B469091B8A4440145E18

File PE Metadata
Compilation timestamp:
1/28/2015 5:44:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
98304:BA0vTwMeLjm4urH/wdQ3G8jiw2gY285hQfaZ4ZF62FVcMjgelQmGixwd:fEMVrsiwLQnxF+MjDQmtwd

Entry address:
0x2C2C

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, 40, A3, 00, A1, 9F, 40, A3, 00, C1, E0, 02, A3, A3, 40, A3, 00, 52, 6A, 00, E8, 7D, F2, 62, 00, 8B, D0, 89, 15, A7, 40, A3, 00, E8, 5C, E5, 61, 00, 5A, E8, 9E, E2, 61, 00, E8, B1, E6, 61, 00, 6A, 00, E8, 92, AB, 62, 00, 59, 68, 48, 40, A3, 00, 6A, 00, E8, 51, F2, 62, 00, A3, A7, 40, A3, 00, 6A, 00, E9, BD, 99, 62, 00, E9, C4, AB, 62, 00, 33, C0, A0, 91, 40, A3, 00, C3, A1, A7, 40, A3, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9...
 
[+]

Code size:
6.2 MB (6,500,352 bytes)

Service
Display name:
ZAM Controller Service

Service name:
ZAMSvc

Type:
Win32OwnProcess


The file zam.exe has been seen being distributed by the following URL.

Scan zam.exe - Powered by Reason Core Security