home

bist_d_sek1_loewe_und_maus_2011-02-24.exe

ZipNrun

MatchWare A/S

This is a setup program which is used to install the application. The file has been seen being downloaded from www.bifie.at.
Publisher:
MatchWare A/S

Product:
ZipNrun

Description:
ZipNrun module

Version:
9.0.152

MD5:
d7aa952c4cf1d7baae933ffea95fc037

SHA-1:
6dbb30db3d629b5726cb356ea133146d8c432f26

SHA-256:
919569fd8e9b8c0b66e02e48d4b7ed7c3359b7b8ba0950d4e2622528df9d024c

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
8/7/2025 6:28:34 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
Heur.Suspicious
22766

Dr.Web
Trojan.MulDrop5.26728
9.0.1.0192

File size:
4.1 MB (4,345,250 bytes)

Product version:
9.0.152

Copyright:
Copyright 1997-2007 MatchWare A/S

Original file name:
ZipNrun.dll

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\bist_d_sek1_loewe_und_maus_2011-02-24.exe

File PE Metadata
Compilation timestamp:
5/20/2010 2:19:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:fEMTSU5IsD/bJOl+Thh5FzjulsZtsqZTuh2Zly+PVPhb:fRSUt1OUthffZtLgEldPthb

Entry address:
0x7687

Entry point:
E8, ED, 69, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 17, FF, 75, 1C, FF, 75, 18, FF, 75, 14, FF, 75, 10, FF, 75, 0C, E8, 6E, 0D, 00, 00, 83, C4, 14, 5D, C3, 6A, 0C, 68, 60, 64, 42, 00, E8, 79, 11, 00, 00, 6A, 0E, E8, 1C, 4B, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, EC, 9F, 44, 00, BA, E8, 9F, 44, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 8C, FC, FF, FF, 59, FF, 76, 04, E8, 83, FC, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC...
 
[+]

Code size:
136 KB (139,264 bytes)

The file bist_d_sek1_loewe_und_maus_2011-02-24.exe has been seen being distributed by the following URL.

https://www.bifie.at/system/files/.../bist_d_sek1_loewe_und_maus_2011-02-24.exe

Scan bist_d_sek1_loewe_und_maus_2011-02-24.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.