home

en_live_mail_backup_2012_x86_trial_cnr.exe

zebNet Portable Applications

zebNet Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.cdn.chip.eu.
Publisher:
zebNet Ltd  (signed and verified)

Product:
zebNet Portable Applications

Description:
zebNet Click and Run

Version:
1.4.1.2100

MD5:
c996946a0ad97f54f220d5cdf7e12986

SHA-1:
2e8c220c26eb528f488a477e35984ec67b3c54f1

SHA-256:
7c90466c524d6c51fcf0347ff19b0a47db31310134d6dd5a51a8fd57b33e1ae4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

False Positives:
A number of engines detected this file but were erroneous detections (false positives).

Analysis date:
4/26/2024 1:29:14 PM UTC  (today)

File size:
1.3 MB (1,324,216 bytes)

Product version:
1.4.1.2100

Copyright:
Copyright © 2011 zebNet Ltd

Original file name:
trial.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\en_live_mail_backup_2012_x86_trial_cnr.exe

Digital Signature
Signed by:
zebNet Ltd

Authority:
GlobalSign nv-sa

Valid from:
6/1/2011 8:04:48 PM

Valid to:
6/1/2012 7:27:26 PM

Subject:
E=info@zebnet.co.uk, CN=zebNet Ltd, O=zebNet Ltd, L=Birmingham, S=Yardley, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001304C8C5921

File PE Metadata
Compilation timestamp:
4/28/2011 1:38:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:tTOpNHZSN6aezgl2XJaXihKQ5y3+F/XxAkN02+uLnR:V9dezglAaXiE9OFvxl4e

Entry address:
0x121CF

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 4C, 41, 00, 68, 60, 23, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A0, 31, 41, 00, 59, 83, 0D, 24, 99, 41, 00, FF, 83, 0D, 28, 99, 41, 00, FF, FF, 15, A4, 31, 41, 00, 8B, 0D, 1C, 79, 41, 00, 89, 08, FF, 15, A8, 31, 41, 00, 8B, 0D, 18, 79, 41, 00, 89, 08, A1, AC, 31, 41, 00, 8B, 00, A3, 20, 99, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 10, 77, 41, 00, 75, 0C, 68, 58, 23, 41, 00, FF, 15, B0, 31...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
70 KB (71,680 bytes)

The file en_live_mail_backup_2012_x86_trial_cnr.exe has been seen being distributed by the following URL.

http://dl.cdn.chip.eu/downloads/.../en_live_mail_backup_2012_x86_trial_cnr.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.