» bitzipper51trialsetupen.exe
Overview
Analysis
File Details
Downloads (12)

bitzipper51trialsetupen.exe

BitZipper

Bitberry Software

The application bitzipper51trialsetupen.exe, “BitZipper Setup ” by Bitberry Software has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

Bitberry Software (signed by Bitberry Software)

Product:

BitZipper

Description:

BitZipper Setup

MD5:

3b3c036009e807334a32f55cc8b56288

SHA-1:

ac988fed156d6c6eaa3b780a058beb73c32dd7b9

SHA-256:

548c7dc00eb428e2b84ef8c4929fb83928f96232427db59417d7c7c77ec76123

Scanner detections:

4 / 68

Status:

Potentially unwanted

Explanation:

Bundles the Conduit Toolbar and/or Conduit Search Protect.

Analysis date:

5/10/2024 3:02:42 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Adware.Conduit.37

9.0.1.099

ESET NOD32

Win32/Toolbar.Conduit.B potentially unwanted (variant)

9.11385

F-Prot

W32/Conduit.A.gen

v6.4.7.1.166

Reason Heuristics

PUP.Installer.Bitberry

15.4.9.13

File size:

5.6 MB (5,887,936 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Digital Signature

Signed by:

Bitberry Software

Authority:

The USERTRUST Network

Valid from:

10/7/2007 6:00:00 PM

Valid to:

10/7/2010 5:59:59 PM

Subject:

CN=Bitberry Software, O=Bitberry Software, STREET=Skolegade 35, L=Holbaek, S=DK, PostalCode=4300, C=DK

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

0CC5065224E5CAA1F9961C524F8B229D

File PE Metadata

Compilation timestamp:

6/19/1992 4:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:Itd2sUcpg9K3Ttq1DjVBkmIVaRoqp+FZqyTFh2x5pAnvMCqG:y41f9I8mZv5hccnvMo

Entry address:

0x9A58

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8... 
[+]

Entropy:

7.9992

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36.5 KB (37,376 bytes)

The file bitzipper51trialsetupen.exe has been seen being distributed by the following 12 URLs.

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1482104253&Signature=D~ru~758jeri54mWCDfGskk4XM-amtQjl4DckjLs9VcQuFeigYdFkoksAJh7XOgqGiOw~5qFjOcFMTR5gCG7eT4mB~bpbfv6VmbSUg51RQRq1Rpy8aQmzxEGibEE9Ej70unnPp6oFpaSAz0qGkC1VJwScbynUGJwZwdDUkNeu8o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_es&type=PROGRAM&Expires=1485163128&Signature=V1xwJMrofgcGBFw-QRNKjTPL9jsZAR0iysYjnAk9Wso91O0nulUKoVBKZPWhIzJOF5Pc2SY~6DVw4x2VIgTveUFqz9JX-x5v2Qu-6RXJr-XH6GNJ~sPQBEIJpsDFAewzU1Tp3WFTfrc0uW45hA5n8p59NgPvHRUkbanRvk~~QA8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_es&type=PROGRAM&Expires=1477276297&Signature=VkRaB00YhyO-7PvpD6H5WDjmvs77-y3EzNLZ3-1mWnt63D859MFRBp6dByN2AaJPoubCPiQiy8Sox-TO9vIykuUqG3wtxSUl04ISTVI1VZy~E3Jd-T5NC86QICz2yrlJ56aHal6K-X2SnGKfIafVaJa5-aiJIC34JCw99bEVA0Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1483139497&Signature=Ul8prKUs4Cfaz-CzrPr3AyaaRnPebXimDb8KHF316fNd6zuCIzrHA4~InFVuYYnwGQBJNvplKnYCIWo6IbeCI-7~69mf8etxgo1pmwi2-CXukP-0qVbY-qqYepA72vtj~xE9kHsWso4J-s1TcMfZzD0xnObLKcQSBhDm5-uw4KA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1482767095&Signature=UxCMR31ax7MG5PYagIVLCwi739Bgy76OWD1jySqfwLasRqfkhf8ZXe3T0j5R2zk50T9gqPQium9kmVcjw~bXl2pkoYobikT8xevzLqabLbdQF4rnADULNTM3INrFtkso6HAOz2FHvu1Ams09yBViU0Fu1GYb2N9hY74Wu8JM0lI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1472602805&Signature=fgjk60360uqBWMNVPVHN8wvWQOvJktGA5-ckplQ3Jmj0h1Sy52j09cNn71ANvhZ8T7DvTH3GNniZf7TOV0sskKfYxDPiu13gLp3ttO3Uzw8PgQB3dOBJA5mSB0klJ~OC5b~3YRM2bvkqcKOv0rB2ZoCuZ5Y384La9OvFwyWvU2w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1476473782&Signature=YOpNayqPWQ6qgMkdvvoVBgoZ3uxWduU2dE1Zi77iEPj0D7dIhn~actKt6gygMUD9efvhvYAo-C~6Zjg73QJUbrlPHY-M-dkGdd~zDXoDn~Tkma9RVcCxkQ3M0Hur-04WLcRc3XtcvrBzwdSJ1H3VE0HKtbENrAWQg45gS-WhF6Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1475866737&Signature=D79li5q3EsLSTz7BGaCJBKC~O8utfElij91itesRrvYw8afyqM7VkyiCQhnPY73G66sSx3KeFTR7vjPlXHHpEjOUG67pMY49YRDI8uCWeaRTVBWxFLN1oXhGMYiaxBywDjfpLgMLJmAi-58QUzYRttelipTQJvrYImPdPdhCYsA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_es&type=PROGRAM&Expires=1476473554&Signature=bvsbaQTBlROeS6LhJ3PMJjUYMzcWYFHZMu5GSQI4X9tsEbUhTmTMN~zrIMV-3UXhfoVvc7NAtNU55QcMehM7ugMNRFSSzKHGRyewEhBmw8BLGsu7XndRy3159ELPIlb2YGeE~xzSjtZgUIp6nnLlCSbr8qAcDn4Kjheny7f-yVo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_en&type=PROGRAM&Expires=1465190845&Signature=iVnyQwdQ9wvsWE0GWUJMesJVOxKNpCT32Sb~ZLa8yCSGStD2xl5kUZ4SQyz9LcMbS~8h1jED6Q9DmhxoPthKxhooZmSjBRiL6VTdf6vuDogN~tYxRy-FcjXhDd94UsZYsvqmiS638uj-aAuow1o76IKGlrFSHts0U~41rwUFcJo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_es&type=PROGRAM&Expires=1449847637&Signature=Cpho8vX0ZItOSPaCLCJ3TfMC4MH~96VKrlUNjV2BdZF60szLPW32ZCynqgEHc2AfC3JcEhBEhqNc2t6Wfbk5tf7thc3gEB1LpB9grTXnit8lnoTqGZDF6UfsXcvDYf-Fh~gS0aTq8gwK8rful1B9tnwrai5c~YbG~B4lWtDX1aY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

http://gsf-cf.softonic.com/ac9/88f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=18864&instance=softonic_es&type=PROGRAM&Expires=1436669753&Signature=O0JKqxoNHCPidsmaGf~t2XXcow6UuJ3Zxy3Ley94ifr4DLW9SM9-FF73mR~xe9WswriAkPmNXtJH27j9vSTomFLNnPIaUQq07xZg3Ofp89srnEedFlg07w0aPSmztFVxKqMPMlw33c0IFb~PgkPaZF0GToLmowRAg3rpWp5Qa3E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=BitZipper51TrialSetupEn.exe

Remove bitzipper51trialsetupen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.