home

zoo2trial.exe

Microsoft Games Setup

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft Games Setup

Description:
Microsoft Games AutoRun/Setup

Version:
1.1.3096.29

MD5:
2ee28d3f1a0ced427a17b4ff9181d979

SHA-1:
9a72876c6d723e09bb9727b3319427d0f40a6963

SHA-256:
bdf152f08f1b09fd4a1b3a3d29775f868f155b46e547e1aea7e02bb40a87fae3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
2/24/2025 8:46:18 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.DL.Zlob!1.6606
23.00.65.15521

File size:
119.9 MB (125,718,528 bytes)

Product version:
1.1.3096.29

Copyright:
© 2004 Microsoft Corp.

Trademarks:
© Microsoft Corp.

Original file name:
Setup.Exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\zoo2trial.exe

File PE Metadata
Compilation timestamp:
8/6/2004 1:33:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
3145728:fflOPBqvmbm01Mqqy7e3ehsI3fgi+OBVC8Am:ff4PBgmb9L7eYv1zVC6

Entry address:
0x5C34B

Entry point:
6A, 60, 68, B8, 81, 47, 00, E8, 2D, 3C, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 3D, FC, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 7C, 01, 47, 00, 8B, 4E, 10, 89, 0D, 90, F4, 48, 00, 8B, 46, 04, A3, 9C, F4, 48, 00, 8B, 56, 08, 89, 15, A0, F4, 48, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 94, F4, 48, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 94, F4, 48, 00, C1, E0, 08, 03, C2, A3, 98, F4, 48, 00, 33, F6, 56, 8B, 3D, 34, 01, 47, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Entropy:
7.9983

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
444 KB (454,656 bytes)

The file zoo2trial.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1458536844&Signature=hI2pq905QFmA9owKmfxG71Ssd9FGZX6bXtK92gBjbkgKQCB6yJewE2hKxHXmcM2P3fuuN3D~oUGZxHakvpEWc5LMst5ZKZbEwYgOackbgbbOyNCdx4xDY4POtErOCVHFtqIOFvRq5l8J0T7maDaM5ieXb~Yy~iIkt~2ECF8AQFU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_es&type=PROGRAM&Expires=1425384311&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=X5BGrvQqjzysYfX9Uyn6CkWcNzzML4O5Gi13onMoSTViEzPn5u2rDPYWld4hElfxH9wbeJ0sw4OAN8KiD2tWK~YUaS3g6s~D6SZ9AcFm3nggzgB6RG53Tezat0JTZPZytN7WL15UmISVfLRU50H8i1yMRXSAtH2ICuDkkkl4yRY_&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_pl&type=PROGRAM&Expires=1449892133&Signature=UNjdrgDF1vBGd-SOrPSDZGSGXXhFFTcrRQeJiUVerTq8pCQWKUjgYSbwSHDr8NNOD1X5DpYc2Drj~zc0YlBbRkCBLVuTNeHyzZ5c3b840tFaZtVWRy5DWk~mIj6RxPTMhNI5dlaygLKB4fZC94jQ104ONsWSelbQcaw92j~P8Aw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_br&type=PROGRAM&Expires=1480727986&Signature=EWv2HwncWJukw08OWctkdb-5c7TQfyq-d~o8MNz2JllmYXf5pHceBPvnkWfRclGUQcqqWeow7uGrzsYM2wVSgYViuRVGP3xceIohNhdZ~AvJn7lMmdvxcmRT8GbEz2XkO1OMaSca9yXyVw9sLSH8yzWNk6qtg1PlD1uRf715sac_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://data2.stiahnut.sk/downloadFile.php?n=em9vLXR5Y29vbi0yXzIuZXhl&s=lhmafmaq5a2m2k79mcrn5jvb11&r=db00a2a5cb294372c7b8ca9ca8046e6a

https://secure.giga-downloads.de/dl/.../

https://secure.giga-downloads.de/dl/.../

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_es&type=PROGRAM&Expires=1468766491&Signature=OdXD8zbx4h-KM3um6SyjIVuVj4p7lxF1ViQbg1a~jLEsRUlfGgeIZ1e6yUlxdfLIcqHEWgGQwvn6FO1y3scSWXZrUxxspX2g0o3Uk-xKrQaadQN521hxz2XK1svd9A1qSQ-76ikQ~p-O4uOqKUdtfKv~F7KgtJ~uEcK8OcZehBo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

https://secure.giga-downloads.de/dl/.../

http://data2.mujsoubor.cz/downloadFile.php?n=em9vLXR5Y29vbi0yXzIuZXhl&s=n57vhjqor166gsmmlsrjn7i7f2&r=2b81b78c4913a22bd79505feafd33697

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1438648235&Signature=Ckj76uLCAoQdyeFHteTvv4GlhMe~qPDb4jR5B85r4QV1xRVS-~Cms3XrlE8TYRIXLMqKazumJeoz0fADGL70iZMlKZ9V1HFf8NQVBqLazJdu0lztsMPogySpfhZOQp5iLUoy~r~TVGtqgwW9ClBY4Jo1Vra-kFgXX5W-X~xu3iI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

https://secure.giga-downloads.de/dl/.../

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_de&type=PROGRAM&Expires=1441948818&Signature=DoBtnzKNI~--FA0xkfjxHuLCZ03KVvzA8346m0rxwddFvBfBDLy1qdiwFbeeDd6UGScNAHlhgo4b6fw2N6g0nyMHSwDieyskA8jLi9Ih50HUsSxsevAB9ebQRvu~8aOOk14SCiyWG0goGzObewEAwAqf2jgv2tSCr5R8ZwuwcCk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_es&type=PROGRAM&Expires=1473238579&Signature=GTHwHSi1P6y1bwQw9YSG2~QxvwTac9Mm8RAO8KsSk7wEwoelTEhMxo2AgOtuGCG~Wtuc5h73MONRzOhTASxSUePHNQosoG~ZOMZUWCJIYAJBRl4~ZK6wrgelujJilTSS0Ze7wffBH5pjfSGhnmhqX-pHUGFFMPEuttI-evArNfY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://download.fileplanet.com/ftp1/.../zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1477105515&Signature=Zbpt1b8xmXMQyaQ3XoWsLQUiAgAsgprrc64lsUag1ZE0d0H0btoRETP26ARo3ESRJtHpOohRIAOUa~SLOGAXKU4QTBA90y-JKfVJ2Vouib~48~8bjVTuRtXJXnt~MTIfHbIJLZYg2FHdpWnP~GGlCnP7PAnb90WVskh0XAT2KsI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1478199640&Signature=ZXpZUH07qQaiU13qXcN0L1~dNivQ8-eMk0qtt7JN20sBdjiccyDV0~5XsKuPCKrMDNgQ9rmmgU6ffDeqFWb3K7oTE0xk56qfBk6zrbtiesMbPoNFJvD8ubhuV0aB0i7cpJD7~L76TuBbwgQDPr10XQlQTpvXmRDxqwqgIr-~aPA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_br&type=PROGRAM&Expires=1480330092&Signature=KhN-43XBS0o85BwaZ1RPqRxXqzzw3TXXef62j1r3it6ElFtJ4avGWKrZtxHn37Cpei2HEl3IIUjuI761Az2KzO-AaZWvZgM3p7xthBB9DulIgItRRyKbSHaHvLYkiXMx3DqOvB9noKFbh5e~uSbbYlE3Bjlzv-eUQj6Te6mPjjk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1449932302&Signature=Teo7XswQqRg9tiZewhkA4WSs5i7uFsEWeTYNrz8Ufze0J9t8hHOBnna7SSZRNQX~cP3A66zdUbv~vsMPMQzZrkKtXX8ywnCgGc-VwzlOp48GgyUauKLRCXXfYMY1oh0964kKmfRKDAB5PmBS8lTlzffTptJOJHEiivcD4PLipLE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

https://secure.giga-downloads.de/dl/.../

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_br&type=PROGRAM&Expires=1463835173&Signature=TB5ZATs3h~EqaQ~irWeHulsNt0dX7HpEus-4j0cZ70J4oeaCGh7WG3MbfA6kWl63ZYlUfSpkoLGkL8JVhZWMTtxfd1x4iDV2W0E7zxgFbLLtCS7lCOX~37D~EQBL6GFt~c7mgERmS4hrwzzc8zHwK3NZKGaDrsx5ZeO4p6tR~to_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_es&type=PROGRAM&Expires=1470637915&Signature=c2uqYWNrBAdRn84Z9H1~RYcioHM18J~1naCMlFkNiOh~B0Q-ChsP65BZY3iHceUABouAOf3BWXUxzWiC6XZ7GtJRDQ7d92dSfYrpVcvspBjLc~95mIrxy-KducsrGOWAFSDB0hI9wm-wP7tgLBV~2nIsIS12~KGfdi44ilx5NNQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_de&type=PROGRAM&Expires=1441591567&Signature=g9qOvJIGicQC8q91i3ClaerBBmLnWxq3o-2eM0~X2YjL10ZMLp5iOnTAySqljWPHWOVLdqLjwa3jPHhA178tERN5jQUhgsg3KdzJtwQBzMEDXUn2cJwBQnf53s63QkGsgPtbosglClOwo8hO9ic4lqX7ZjZZgT2H25coYFzGiBk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_pl&type=PROGRAM&Expires=1464582669&Signature=D7CbGYven7AMiVnd9BqGN2OzjHw5ZcEXklJeZtKvkRp~tmGzZL10DiqtknbIQE2CEReNO2Z59J0l4ile~79X~pN-X3DheYEFFt5ib0gVA6QdS2SqAzINnwAoPCuGGb0-mbYj9qVNe5OKPZzWphOfLC8pEJgFpdiomfyHT2dcIpE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_pl&type=PROGRAM&Expires=1467258734&Signature=Ox-vf~lEmkXAE3l0bKCFjmFQLt9t~R6QNdhk4LgVLlC2-xAda0Gf0PZ98Ij0O7IBe-D8tgHbAM0XTzR41~RjfiVtEiQkudcfPeIqxNP6odGRobQjFal76Y4l8Odum-9qBQsjBwv2tdSXeU55yDy5UY0kFXExALrmlcZmaNvIUjY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_fr&type=PROGRAM&Expires=1445925143&Signature=CBg7t-Swt5XkArOhvRWnxk8EvKc40Dmmkw4FoddEeQrlcvebkI9yQ7Nov8uBX0oc4tI6BRsWDwNy~GDu7BrdKZrprCilNOmls7uJ4eEh9gPbycSNafRq9-pWnrbdy3EDIgYZB0cu8833L2snlPGyYt7Eac~LAXNV1ggdVrr3Neg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://data2.stiahnut.sk/downloadFile.php?n=em9vLXR5Y29vbi0yXzIuZXhl&s=cjhu2o0c0rtm00b335ntcrktj5&r=56ad3cfef54a1454151bb5033601ba9f

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1445723471&Signature=iFqOXFtf-PnyC1FD8mLuNWVmlTrtf0yxP9piv75bwgm2X3OLJKuFTpZey1F6O7Q37S7suq-nlDd4Yu7tsolIkKiICoYw2GEdE5rj6k19YOPG8wTKxWGU0~ZlSZgwNIUVLgbLOthWJlRaSrBuLW0I6PpmiWNiVy0cJK94M4TZ62E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_en&type=PROGRAM&Expires=1465703144&Signature=Y49p6QO3TmaLisbxLIDwGkfRfdnEAJz0U-ifi4Kbn9f7lTaMqOr6EEcuzoXM0RP~FOlhFAOJuCdcxHVBpT1F9GBOnbSqzQOqND2jqd3dAdX9CLhkJshPdCINcVQ7BnkpOliNxZcuqHT9pqcivvuTm6Xb-3p90w1~AoHYWB~7Adw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

http://gsf-cf.softonic.com/9a7/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=37478&instance=softonic_es&type=PROGRAM&Expires=1467981590&Signature=N3UGjHmgyMw2cYRR1hZSxUSI6j~U1nmcftalykPvUxXjQGBAygcqF7Viincw8Qnz7lsabDZHDwTbZVWIFHxdwkPJV-d8PazFGttfgbnHdrYLRPlqoOJ55KeE9asBj1KAuzHNDtFaVb~MllGX2aV39WypYAHQ-90mrnBT36KJtTQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=zoo2trial.exe

Latest 30 of 64 download URLs

Scan zoo2trial.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.