home

bist_d_sek1_textsorten_2011-10-14.exe

ZipNrun

MatchWare A/S

This is a setup program which is used to install the application. The file has been seen being downloaded from www.bifie.at.
Publisher:
MatchWare A/S

Product:
ZipNrun

Description:
ZipNrun module

Version:
9.0.152

MD5:
4cc5b2adf9b2fdca83d5e447236ad1a2

SHA-1:
a2286b31882880696c88691123930260e4bf3549

SHA-256:
47e186410b238e75def9a4e0547f768e897af9c8b40346c6784bccc678ae758e

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
8/7/2025 6:22:07 PM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Trojan.ZBot.Win32.128
2.0.0.2593

File size:
4.2 MB (4,405,800 bytes)

Product version:
9.0.152

Copyright:
Copyright 1997-2007 MatchWare A/S

Original file name:
ZipNrun.dll

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\bist_d_sek1_textsorten_2011-10-14.exe

File PE Metadata
Compilation timestamp:
5/20/2010 2:19:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:fEix+ZZ3FSdLCHM8m+GGjy5TSRi2EEMX2m4At9fFcHu:f3cZ226SvMGMt9faHu

Entry address:
0x7687

Entry point:
E8, ED, 69, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 17, FF, 75, 1C, FF, 75, 18, FF, 75, 14, FF, 75, 10, FF, 75, 0C, E8, 6E, 0D, 00, 00, 83, C4, 14, 5D, C3, 6A, 0C, 68, 60, 64, 42, 00, E8, 79, 11, 00, 00, 6A, 0E, E8, 1C, 4B, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, EC, 9F, 44, 00, BA, E8, 9F, 44, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 8C, FC, FF, FF, 59, FF, 76, 04, E8, 83, FC, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC...
 
[+]

Code size:
136 KB (139,264 bytes)

The file bist_d_sek1_textsorten_2011-10-14.exe has been seen being distributed by the following URL.

https://www.bifie.at/system/files/.../bist_d_sek1_textsorten_2011-10-14.exe

Scan bist_d_sek1_textsorten_2011-10-14.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.