home

bitzipper2015trialsetupde.exe

BitZipper

Bitberry Software ApS

The application bitzipper2015trialsetupde.exe, “Öffnen RAR, ZIP, 7z, ISO und andere Dateien ” by Bitberry Software ApS has been detected as a potentially unwanted program by 8 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore monetization download manager to download additional third party applications that may be unwanted by the user. The file has been seen being downloaded from www.bitzipper.com.
Publisher:
Bitberry Software   (signed by Bitberry Software ApS)

Product:
BitZipper

Description:
Öffnen RAR, ZIP, 7z, ISO und andere Dateien

Version:
2015.14.12.3

MD5:
0bd27c14e254c28926d3e27f7699d7d2

SHA-1:
362c559cf4e67dd2c8ba65919b7f49a3d00cc81b

SHA-256:
ee8342ae4687a5a1e4a5ec7a68e713b637333cfad5229ec2da83d54aefa7ab1b

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 7:19:09 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Downware.8536
9.0.1.092

ESET NOD32
Win32/FileTypeAssistant.A potentially unwanted (variant)
9.11404

Fortinet FortiGate
Riskware/FileTypeAssistant
4/2/2015

herdProtect (fuzzy)
variant of bitzipper2015trialsetupes.exe
2015.7.7.6

K7 AntiVirus
Trojan
13.202.15438

Reason Heuristics
PUP.Optional.Installer.Bitberry
15.4.2.12

Sophos
Install Core Click run software
4.98

Trend Micro House Call
Suspicious_GEN.F47V0227
7.2.92

File size:
5.8 MB (6,118,848 bytes)

Product version:
2015.14.12.3

Copyright:
Copyright © 1999-2014 Bitberry Software

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Digital Signature
Signed by:
Bitberry Software ApS

Authority:
VeriSign, Inc.

Valid from:
9/20/2013 2:00:00 AM

Valid to:
11/19/2016 12:59:59 AM

Subject:
CN=Bitberry Software ApS, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Bitberry Software ApS, L=Holbæk, S=Alberta, C=DK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
23118AB330BEB5704ADCCE30BBB04D23

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:lf+OyWZCUdGY4BlRz/WveVH2FnUlsxKI8ec4ZDjARtuKWig4eXo1C5qtLCYhA0aB:VOUdGY4PkeVHbeKtec4ZDjEkS+SC5IW5

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file bitzipper2015trialsetupde.exe has been seen being distributed by the following URL.

http://www.bitzipper.com/.../BitZipper2015TrialSetupDe.exe

Remove bitzipper2015trialsetupde.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.