kuaizip_setup_multi.exe

Kuaizip Compression software

Suzhou Shijie Software Co., LTD

The application kuaizip_setup_multi.exe by Suzhou Shijie Software Co. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Suzhou Shijie Software Co., LTD  (signed and verified)

Product:
Kuaizip Compression software

Description:
KuaiZip Setup

Version:
2.3.1

MD5:
5f7a338b720b7a6c1432c366b1b52177

SHA-1:
6416ea390830236950a764ede55160efd4d8ed39

SHA-256:
263e1f527f4474acc4ede958f673fcdde32df0a7a230d27ca1d0af08cd58d1ea

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 4:20:12 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.KuaiZip (M)

Engine version:
16.9.21.21

File size:
4.2 MB (4,372,584 bytes)

Product version:
2.3.1

Copyright:
Shijie Suzhou Inc. Copyright 2010-2011

Original file name:
KuaiZip Setup

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\kuaizip_setup_multi.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/15/2011 2:00:00 AM

Valid to:
4/15/2012 1:59:59 AM

Subject:
CN="Suzhou Shijie Software Co., LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Suzhou Shijie Software Co., LTD", L=SuZhou, S=JiangSu, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
50A723C5B3EA71A90923EA0E5F2209FB

File PE Metadata
Compilation timestamp:
9/6/2011 5:13:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:LTMk/dnfwBpOiVk8RMmGvhh5Ubs+/DhW:kk/xw5LRlGvhho/V

Entry address:
0x3F7F4

Entry point:
E8, 61, AA, 00, 00, E9, 79, FE, FF, FF, CC, CC, 68, 60, DC, 43, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, FC, 86, 46, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, FC, 86, 46...
 

Code size:
341.5 KB (349,696 bytes)

The file kuaizip_setup_multi.exe has been seen being distributed by the following 29 URLs.

