zapgrab2.exe

Zapgrab

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from webmail.ideacellular.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Zapgrab

Description:
Zapgrab Example Application

Version:
3.3

MD5:
f1f9ca2dc27545cf22b04fb6acf91319

SHA-1:
447c509a333fe5814c25fb3bf8f00523701d6ed2

SHA-256:
ae7d98f9ae0e8099dc9fc721b0ae29a2db632424bf8a0dc4e9c7c00c44b57801

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/17/2024 5:28:07 AM UTC

File size:
24.5 KB (25,088 bytes)

Product version:
3.2

Copyright:
Copyright © Microsoft Corp. 1990 - 1993

Trademarks:
Microsoft® is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
5/22/1996 3:49:01 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.55

CTPH (ssdeep):
384:dmUlYXz7fmflFXA96JZeg4iQlV477L6P9K/tzuW1BM3+:d6sFwzg4iQlVS2PgM3

Entry address:
0x1BC0

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 58, 50, 40, 00, 68, 50, 2C, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 98, 71, 40, 00, A3, 0C, 61, 40, 00, 8A, C4, 25, FF, 00, 00, 00, A3, 18, 61, 40, 00, A1, 0C, 61, 40, 00, C1, 2D, 0C, 61, 40, 00, 10, 25, FF, 00, 00, 00, A3, 14, 61, 40, 00, C1, E0, 08, 03, 05, 18, 61, 40, 00, A3, 10, 61, 40, 00, E8, D8, 0E, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, A3, 0D, 00, 00, E8, 91, 0D, 00, 00, FF, 15, A8, 71, 40, 00, A3, 6C, 44...
 

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
10 KB (10,240 bytes)

The file zapgrab2.exe has been seen being distributed by the following 4 URLs.

https://webmail.ideacellular.com/owa/service.svc/s/.../9j2dL0oGBwBjolyjKB5MRI4M6DEfj5oYAAAAAAEMAABjolyjKB5MRI4M6DEfj5oYAACqzlWMAAABEgAQAGi7lbik5ZNEhxx5876yej4=&X-OWA-CANARY=inPcsjAU_0CfDjC3VOVb0l7WfzBEl9MImIsKE1nmJ3MF-IoSugKFJfcFPmZzNgoG7MLvharxa6c.
