zemanaantimalware_x64.exe

Zemana AntiMalware

SurfRight B.V.

This is installed with Zemana AntiMalware. The file has been seen being downloaded from external.comss.ru and multiple other hosts.
Publisher:
Zemana  (signed by SurfRight B.V.)

Product:
Zemana AntiMalware

Version:
3, 7, 3, 192

MD5:
be40d75bd1f14386fa430d68160316bf

SHA-1:
9e7bc31d7bd41dc9aeb00865d0e4f2cac14d5aa1

SHA-256:
118669637549bdc38b9a44b8807f58f5b600e499546210b6569df7060b1b8d6b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:44:49 PM UTC  (today)

File size:
9.3 MB (9,771,304 bytes)

Product version:
3, 7, 3, 192

Copyright:
© 2011 SurfRight B.V.

Original file name:
ZemanaAntiMalware.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\zemanaantimalware_x64.exe

Digital Signature
Signed by:

Authority:
VeriSign

Valid from:
11/5/2012 7:00:00 PM

Valid to:
1/5/2016 6:59:59 PM

Subject:
CN=SurfRight B.V., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SurfRight B.V., L=Hengelo, S=Overijssel, C=NL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
34A8B19DC8071E4182FB27F9B7EC722A

File PE Metadata
Compilation timestamp:
3/28/2013 10:43:41 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:T935GUo0ZanVSyFVCRCg1JXgx7UPmX3+PKz8Bu4UxTyZAHxjug51:p35GGIlCR/1NrmUsxGZcxSm

Entry address:
0x1B0A90

Entry point:
48, 83, EC, 28, E8, 4B, 99, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 10, 66, 89, 4C, 24, 08, 55, 48, 8B, EC, 48, 83, EC, 50, B8, FF, FF, 00, 00, 66, 3B, C8, 0F, 84, AA, 00, 00, 00, 48, 8D, 4D, E0, E8, FF, 9C, FF, FF, 48, 8B, 5D, E0, 83, 7B, 14, 00, 75, 27, 0F, B7, 55, 10, 8D, 42, BF, 66, 83, F8, 19, 77, 04, 66, 83, C2, 20, 80, 7D, F8, 00, 74, 0B, 48, 8B, 4D, F0, 83, A1, C8, 00, 00, 00, FD, 0F, B7, C2, EB, 70, 0F, B7, 4D, 10, BA, 00, 01, 00, 00, 66, 3B, CA, 73, 25, BA, 01, 00, 00...
 
[+]

Entropy:
7.1485

Code size:
2.3 MB (2,450,944 bytes)

The file zemanaantimalware_x64.exe has been discovered within the following program.

Zemana AntiMalware  by Zemana Ltd.
Publisher's description - “Zemana Anti-Malware is a second opinion scanner designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected your computer despite all the security measures you have taken (such as anti-virus software, firewalls, etc.”
www.zemana.com
About 5% of users remove it
 
Powered by Should I Remove It?

The file zemanaantimalware_x64.exe has been seen being distributed by the following 4 URLs.

Scan zemanaantimalware_x64.exe - Powered by Reason Core Security