home

zummais.exe

Linkury LTD

The application zummais.exe by Linkury has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Linkury LTD  (signed and verified)

Version:
2.0.0.9

MD5:
96bf4c14b3c3c1f283e17d3a13ee58e0

SHA-1:
2ce4353c9f342d6c8517ca900294b4448ee96c0d

SHA-256:
83963a1e7e899582d3624395350a8ad8e7aa7e2e2658f425d6c5cd1b3d89e607

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 10:00:34 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Linkury (M)
16.9.10.0

File size:
118.6 KB (121,448 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2015

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\safefinder\zummais.exe

Digital Signature
Signed by:
Linkury LTD

Authority:
GlobalSign nv-sa

Valid from:
10/6/2015 6:14:15 PM

Valid to:
1/23/2017 5:41:00 PM

Subject:
CN=Linkury LTD, O=Linkury LTD, L=Herzliya, S=Israel, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E8F0D6CA2B1A5855D63B5F416E91066F

File PE Metadata
Compilation timestamp:
5/5/2016 3:37:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
3072:pNMSg393Xplo/bN9LYgXyhxQwpvVtQf+xMN7RRif:pe3Vbo/bL9ylZvQfI8

Entry address:
0x51F3

Entry point:
E8, 9F, 3A, 00, 00, E9, 7B, FE, FF, FF, 55, 8B, EC, FF, 15, 44, 30, 41, 00, 6A, 01, A3, 44, C8, 41, 00, E8, BE, 3B, 00, 00, FF, 75, 08, E8, 66, 3F, 00, 00, 83, 3D, 44, C8, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, A4, 3B, 00, 00, 59, 68, 09, 04, 00, C0, E8, 34, 3F, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, E2, C0, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 28, C6, 41, 00, 89, 0D, 24, C6, 41, 00, 89, 15, 20, C6, 41, 00, 89, 1D, 1C, C6, 41, 00, 89, 35, 18, C6, 41, 00, 89, 3D, 14...
 
[+]

Code size:
70.5 KB (72,192 bytes)

Remove zummais.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.