zello_key.exe

Setup Factory 7.0 Runtime

The program is a setup application that uses the Setup Factory installer. The file has been observed being downloaded from dc706.4shared.com.

Product:
Setup Factory 7.0 Runtime

Description:
Setup Application

Version:
7.0.3.0

MD5:
b2069a93376810f17407f045a977beaa

SHA-1:
17245c88ce92dc3537f3873b7d0c6785d550d164

SHA-256:
6bc4c2b68b12fd91380d017c698e885c0dedd69a65acc50fbc0104d5e883933d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/13/2025 9:27:50 PM UTC

File size:
12.2 MB (12,765,159 bytes)

Product version:
7.0.3.0

Copyright:
Setup Engine Copyright © 2004 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf70_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\zello_key.exe

File PE Metadata

Compilation timestamp:
4/11/2005 7:52:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:fbb3wqcXHSqXwmzjObgtGRki9VqWD0xK2x:fbb3wx3SqXGbgtGRki9VqACx

Entry address:
0x1D9D

Entry point:
C7, C7, 2F, 58, AD, 3F, 84, F6, 8B, D5, 0F, AF, D7, 80, E1, 07, E8, 00, 00, 00, 00, 8A, F5, 0F, CF, 1C, 25, 8D, 2B, 86, C5, 8D, 75, 00, 33, C2, 38, D6, 33, DE, 80, CE, D9, 71, 0B, 88, DD, 8D, 1D, E9, 57, 5E, E3, F6, C4, EC, FE, C5, BF, 45, A2, 00, 00, 0F, AF, F5, 81, F7, B7, B0, 00, 00, 0F, AF, DF, 81, EF, B4, 07, 00, 00, F6, C2, 95, 3C, 50, 69, ED, FB, 68, F4, D0, 81, EF, 4A, F4, FF, FF, 81, EF, B7, 0B, 00, 00, 85, D3, 81, FD, 53, A8, 00, 00, 75, 03, 89, F6, 4D, 81, FF, 4E, 04, 00, 00, 73, D4, 5D, 0F, AF...
 

Entropy:
7.9559  (probably packed)

Code size:
20 KB (20,480 bytes)

The file zello_key.exe has been seen being distributed by the following URL.
