zip-unzip-utility.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from butters.6dwk0hugs0.com and multiple other hosts.
Version:
2.1.1.5278

MD5:
b5e9f5f481ca1f84e5f96723641f2917

SHA-1:
8d548c0f52e5ad28e4c59ff735599d32b82f923d

SHA-256:
12cdbe0de16d3cfc8627669774c0bfc0907dca6dc9101d7748819c2751c519c3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 5:42:15 PM UTC  (today)

File size:
5.7 MB (5,932,921 bytes)

Product version:
2.1

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\software\zip-unzip-utility.exe

File PE Metadata
Compilation timestamp:
11/3/2010 5:38:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:hUhQ2MyEgoB1oz4NQQ68u3NFIOGLgHoA22rY3D1N3zYNiWT4hm3sy3NLeB3x7xeU:hUhQ2MyEgoIz4T68uHIO8fA25z3KiLmM

Entry address:
0x32E98

Entry point:
E8, 22, 33, 00, 00, E9, 17, FE, FF, FF, E8, 74, 1C, 00, 00, 8B, 4C, 24, 04, 89, 48, 14, C3, E8, 67, 1C, 00, 00, 8B, 48, 14, 69, C9, FD, 43, 03, 00, 81, C1, C3, 9E, 26, 00, 89, 48, 14, 8B, C1, C1, E8, 10, 25, FF, 7F, 00, 00, C3, 55, 8B, EC, 51, 51, 8D, 45, F8, 50, FF, 15, D8, 51, 44, 00, 8B, 45, F8, 8B, 4D, FC, 6A, 00, 05, 00, 80, C1, 2A, 68, 80, 96, 98, 00, 81, D1, 21, 4E, 62, FE, 51, 50, E8, 61, 33, 00, 00, 8B, 4D, 08, 85, C9, 74, 05, 89, 01, 89, 51, 04, C9, C3, 8B, 44, 24, 04, 85, C0, 56, 8B, F1, C6, 46...
 
[+]

Code size:
268.5 KB (274,944 bytes)

The file zip-unzip-utility.exe has been seen being distributed by the following 14 URLs.

http://butters.6dwk0hugs0.com/clr/.../haozip.exe

http://butters.mxp4116.com/clr/.../haozip.exe

http://butters.mxp498.com/clr/.../haozip.exe

http://butters.mxp41.com/clr/.../haozip.exe

blob:DE5415CB-4629-4C5A-9EC7-8DC862ABD225

http://146.185.26.220/clr/.../haozip.exe

Scan zip-unzip-utility.exe - Powered by Reason Core Security