zpdl_latest.exe

Inmatrix LTD

The application zpdl_latest.exe, “Zoom Player Downloader” by Inmatrix has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Inmatrix LTD  (signed and verified)

Description:
Zoom Player Downloader

Version:
8.6.1.0

MD5:
d616e917701de9dbd828a94ec7ee6c1b

SHA-1:
c9b87be935041fa8b38da261db2a4d729bd425ac

SHA-256:
fb48e34a703c86fe80755c5e955eecb3f745b6723e05f5f729f5059bf0e8ba98

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 5:04:03 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.1.11.5

File size:
1011.1 KB (1,035,375 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\zoom player\cache\zpdl_latest.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/25/2012 4:00:00 PM

Valid to:
11/26/2015 3:59:59 PM

Subject:
CN=Inmatrix LTD, OU=Zoom Player, O=Inmatrix LTD, POBox=9436, STREET=1 Hagefen st., L=Haifa, S=Northern Israel, PostalCode=31094, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CADC0D3D5A82BDE1327BAF171510D19D

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x89778

Entry point:
E9, B9, D9, F8, FF, F0, B8, D0, 94, 48, 00, E8, 20, D3, F7, FF, A1, A4, EC, 48, 00, 8B, 00, E8, 2C, 2D, FE, FF, A1, A4, EC, 48, 00, 8B, 00, BA, F0, 97, 48, 00, E8, 03, 29, FE, FF, 8B, 0D, 30, EB, 48, 00, A1, A4, EC, 48, 00, 8B, 00, 8B, 15, A4, 68, 48, 00, E8, 1B, 2D, FE, FF, 8B, 0D, F4, EA, 48, 00, A1, A4, EC, 48, 00, 8B, 00, 8B, 15, 18, 65, 48, 00, E8, 03, 2D, FE, FF, A1, A4, EC, 48, 00, 8B, 00, E8, 77, 2D, FE, FF, E8, EE, AC, F7, FF, 00, 00, FF, FF, FF, FF, 16, 00, 00, 00, 5A, 6F, 6F, 6D, 20, 50, 6C, 61...

Entropy:
7.3065

Packer / compiler:
Xtreme-Protector v1.05

Code size:
546.5 KB (559,616 bytes)
