» zsnesw.exe
Overview
Analysis
File Details
Programs (10)
Downloads (37)

zsnesw.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download2051.mediafire.com and multiple other hosts.

File name:

zsnesw.exe

MD5:

8e3f9f4ba68261d9976a79f842b2ecdd

SHA-1:

50b379484494a7da992f40cf23bcb43b4b065e77

SHA-256:

fcc9c75f44bcfc3a5c7f1b8d8bed6b2cba95ecb80531a57351f006883b47b52e

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

1/13/2025 3:48:54 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.Win32.Generic.137642CD!326517453

23.00.65.131220

File size:

580.5 KB (594,432 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\zsnesw.exe

File PE Metadata

Compilation timestamp:

1/24/2007 10:22:14 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:zKPgx5ebkgLs1PQ29BadoHuaRCwFasz2mDvppsHnWbqQdGW7wz+GzDdC/Z:9xobkgA4TdoHPta42mT/sHnKWHzDI/Z

Entry address:

0x8F7270

Entry point:

60, BE, 00, 10, C7, 00, 8D, BE, 00, 00, 79, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11... 
[+]

Packer / compiler:

UPX 2.90LZMA]

Code size:

540 KB (552,960 bytes)

The file zsnesw.exe has been discovered within the following programs.

Arkanoid - Doh it Again by GameFabrique

Arkanoid - Doh it Again is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

www.gamefabrique.com

3% remove it

Art of Fighting by GameFabrique

Art of Fighting is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

10% remove it

Battletoads & Double Dragon - The Ultimate Team by GameFabrique

Battletoads & Double Dragon - The Ultimate Team is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

6% remove it

Bonkers by GameFabrique

Bonkers is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

10% remove it

Contra III - The Alien Wars by GameFabrique

Contra III - The Alien Wars is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

www.gamefabrique.com/games/contra-3-the-alien-wars

5% remove it

Desert Strike - Return to the Gulf by GameFabrique

Desert Strike - Return to the Gulf is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

6% remove it

Earthbound by DotNes

This is a retro NES video game emulated for the PC and distributed through the DotNes portal on GameFabrique.

www.dotnes.com

7% remove it

Flashback by GameFabrique

Flashback is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

7% remove it

Mario is Missing by GameFabrique

Mario is Missing is a free video game distributed through GameFabrique (which hosts free and abandonware games from NES, SNES and Sega Genesis) using a specialized software emulator.

7% remove it

Project64 1.6 by Project64

Publisher's description - “Project64 is a Nintendo 64 emulator for Windows by Zilmar, Jabo, Tooie and Witten. Project64 or PJ64 dates back to its first public release Project64 v1.0 in May 26th 2001. Project64 is an emulator designed to emulate a Nintendo64 video game system on a Microsoft Windows based PC.”

www.pj64.net

About 7% of users remove it

Latest 20 of 19 programs

The file zsnesw.exe has been seen being distributed by the following 37 URLs.

http://download2051.mediafire.com/dja4lu925x5g/.../zsnesw.exe

http://download1594.mediafire.com/rexnv6ie2x5g/.../zsnesw.exe

https://onedrive.live.com/download.aspx?cid=90B52DEA7EEF6ADA&authKey=!AJUFsN51hYvjbe4&resid=90B52DEA7EEF6ADA!167643&canary=DYxWcSvVG/.../ofj6vbKqws=0&ithint=.exe

http://download2051.mediafire.com/a3mmu511pwcg/.../zsnesw.exe

http://download2051.mediafire.com/ff1dcz3e760g/.../zsnesw.exe

http://download14.mediafire.com/te30ch9p9prg/.../zsnesw.exe

http://download2051.mediafire.com/aptfj7gti5ag/.../zsnesw.exe

http://download1594.mediafire.com/xp01fl81qr6g/.../zsnesw.exe

http://download14.mediafire.com/928wk0dahlig/.../zsnesw.exe

http://download1691.mediafire.com/v7x9i06bo3eg/.../zsnesw.exe

http://download14.mediafire.com/jw0etr1sf7ug/.../zsnesw.exe

http://download1692.mediafire.com/hlq4vgf9vl9g/.../zsnesw.exe

https://docs.google.com/uc?authuser=0&id=0B8bCfBAln48pazh0dUZPTV9FVFE&export=download

http://download2051.mediafire.com/2ww471oer3pg/.../zsnesw.exe

http://download1691.mediafire.com/d7hjhbdj26pg/.../zsnesw.exe

http://download1691.mediafire.com/g6rscn7fenbg/.../zsnesw.exe

http://dc703.4shared.com/download/.../zsnesw.exe

http://download1692.mediafire.com/ljrs9ys335ug/.../zsnesw.exe

http://download2051.mediafire.com/1uq5dnd8ar2g/.../zsnesw.exe

http://download14.mediafire.com/b5pe8r6224fg/.../zsnesw.exe

https://onedrive.live.com/download.aspx?cid=6F45FEFDFCB4DA24&authKey=!AKieRGvQqR8c1Rc&resid=6F45FEFDFCB4DA24!1680&ithint=.exe

https://www.dropbox.com/pri/get/Pc/Jogos/.../zsnesw.exe

http://download1692.mediafire.com/6fuq6pggpm7g/.../zsnesw.exe

http://download14.mediafire.com/ryxrabtrsbhg/.../zsnesw.exe

http://download1594.mediafire.com/se8x0ju05sig/.../zsnesw.exe

http://download14.mediafire.com/66puix2nj7gg/.../zsnesw.exe

http://download1692.mediafire.com/6hkoga7schdg/.../zsnesw.exe

http://download14.mediafire.com/eq461cqjjwgg/.../zsnesw.exe

http://download14.mediafire.com/d4ehvu8mirog/.../zsnesw.exe

https://doc-08-c0-docs.googleusercontent.com/docs/securesc/5s3k8fgeornamhhrr68farv6ro1omidg/ma6if3sgt8crdpl6ec9kneges9erdf8f/1474315200000/14468243029731771089/.../0B2SU5N_mf9geR0I2UUZfQW9wZjg?e=download

Latest 30 of 37 download URLs

Scan zsnesw.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.