zps16_en.exe

Zoner Photo Studio 16

ZONER software, a.s.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from global-shared-files-l3.softonic.com and multiple other hosts.
Publisher:
ZONER software   (signed by ZONER software, a.s.)

Product:
Zoner Photo Studio 16

Description:
Zoner Photo Studio 16 Setup

Version:
16.0.1.5

MD5:
f5bc9e72c3139bf8094b8f6c4494f759

SHA-1:
83b1d957768d88839fa8927115c84eff868af8f7

SHA-256:
523b6fe9cfa026984b8ab0159cdfdb782e81f2b17e4bdc07e062e7f7b560eee1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:24:03 AM UTC  (today)

File size:
53.1 MB (55,679,880 bytes)

Product version:
16.0.1.5

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\zoner photo studio pro 16.0.1.5 by ilyas farid\zps16_en.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/22/2012 2:00:00 AM

Valid to:
10/22/2014 1:59:59 AM

Subject:
CN="ZONER software, a.s.", OU=Software, O="ZONER software, a.s.", L=Brno, S=Ceska republika, C=CZ

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6EA9C08B0483DC63338811F5B99F816B

File PE Metadata
Compilation timestamp:
6/10/2010 4:33:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:EwCaXluVkkWyBAYf7UKNypcvcooEMcJFSKLHmtV4WYYJwHpwzIlsk63ssU7oNjA4:7zluVktKb5MgFSOCVv9JKpYuwss4oNr

Entry address:
0x163C4

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, A8, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, A8, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
85 KB (87,040 bytes)

The file zps16_en.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file zps16_en.exe has been seen being distributed by the following 5 URLs.

Scan zps16_en.exe - Powered by Reason Core Security