home

zipex.exe

ZIP Express

Insight Software Solutions, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MyWebSearch Email Plugin’.
Publisher:
Insight Software Solutions  (signed by Insight Software Solutions, Inc.)

Product:
ZIP Express

Description:
ZIP Code, Area Code lookup Utility

Version:
2.8.4.1

MD5:
e2c25c13b86215bf6f3eb2162323eaac

SHA-1:
896d141de63125f10f65363e478fe24390142247

SHA-256:
9da70dcaa504a940ebdba4249875e5d451c9fc554a44895a4949b90b3e27dac0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/8/2024 9:15:46 PM UTC  (today)

File size:
2.4 MB (2,515,224 bytes)

Product version:
2.8.4.1

Copyright:
Copyright (c) 2016 Insight Software Solutions, Inc.

Trademarks:
ZIP Express

Original file name:
zipex.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\zip express\zipex.exe

Digital Signature
Signed by:
Insight Software Solutions, Inc.

Authority:
COMODO CA Limited

Valid from:
3/24/2016 6:00:00 PM

Valid to:
3/25/2018 5:59:59 PM

Subject:
CN="Insight Software Solutions, Inc.", O="Insight Software Solutions, Inc.", STREET=206 South Main, STREET=PO Box 106, L=Kaysville, S=Utah, PostalCode=84037, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5FA82BD1E9B616694696994F7196E51F

File PE Metadata
Compilation timestamp:
8/23/2016 4:03:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:JBEzHOsA+oeZbJjsW7qS4rciXr5tUn+kdWL3G3XiJB8UlcX:JBoO9+oenPqS4rcAVK+kYwyU

Entry address:
0x1F6158

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, 38, 33, 5F, 00, E8, B5, 1D, E1, FF, A1, EC, F0, 5F, 00, C6, 00, 00, E8, 04, D0, FF, FF, E8, 57, D1, FF, FF, 84, C0, 74, 1D, 6A, 40, B9, C8, 62, 5F, 00, BA, CC, 62, 5F, 00, A1, 4C, EF, 5F, 00, 8B, 00, E8, 4F, EC, E8, FF, E8, 4E, F7, E0, FF, E8, CD, D0, FF, FF, 33, C0, 55, 68, B0, 62, 5F, 00, 64, FF, 30, 64, 89, 20, 6A, 00, E8, 64, 30, E1, FF, A1, 28, F0, 5F, 00, C6, 00, 00, A1, 10, E9, 5F, 00, C6, 00, 00, A1, 78, EE, 5F, 00, C6, 00, 00, A1, 54, EE, 5F, 00, C6, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2 MB (2,052,096 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MyWebSearch Email Plugin

Command:
C:\Program Files2\mywebs~1\bar\1.bin\mwsoemon.exe


Scan zipex.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.