mzdclient.exe

MZDCLIENT

Changsha Spring Culture Communications Ltd.

The application mzdclient.exe, “MZDCLIENT—(2013.08.03)” by Changsha Spring Culture Communications has been detected as a potentially unwanted program by 28 anti-malware scanners.
Publisher:
HNSPRING  (signed by Changsha Spring Culture Communications Ltd.)

Product:
MZDCLIENT

Description:
MZDCLIENT—(2013.08.03)

Version:
1.0.0.1

MD5:
ba875bbf09dee95ada4d913b954b91f8

SHA-1:
dd085c1017122e44f812eab436760412460301a0

SHA-256:
dcddf8c819d8344e76bb15877a49f2e79eca9534ffd4264c6c652a2046b3eadb

Scanner detections:
28 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 6:45:19 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2816893 | 12 |
| AegisLab AV Signature | Troj.W32.Generic!c | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Agent | 2016.04.21 |
| Avira AntiVirus | TR/Agent.1692040 | 8.3.3.4 |
| Arcabit | Trojan.Generic.D2AFB7D | 1.0.0.672 |
| avast! | Win32:GenMaliciousA-ACB [Trj] | 2014.9-170123 |
| Bitdefender | Trojan.GenericKD.2816893 | 1.0.20.115 |
| Comodo Security | UnclassifiedMalware | 24842 |
| Dr.Web | Trojan.Hosts.32797 | 9.0.1.023 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2816893 | 8.17.01.23.08 |
| ESET NOD32 | Win32/Agent.RKD (variant) | 11.13365 |
| Fortinet FortiGate | W32/Generic.RKD!tr | 1/23/2017 |
| F-Secure | Trojan.GenericKD.2816893 | 11.2017-23-01_2 |
| G Data | Trojan.GenericKD.2816893 | 17.1.25 |
| IKARUS anti.virus | AdWare.BHO | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan | 13.222.19366 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-1057 |
| McAfee | Artemis!BA875BBF09DE | 5600.6146 |
| MicroWorld eScan | Trojan.GenericKD.2816893 | 18.0.0.69 |
| NANO AntiVirus | Trojan.Win32.Hosts.djovsi | 1.0.30.8000 |
| nProtect | Trojan.GenericKD.2816893 | 16.04.20.01 |
| Panda Antivirus | Generic Suspicious | 17.01.23.08 |
| Quick Heal | (Suspicious) - DNAScan | 1.17.14.00 |
| Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.17121 |
| Sophos | Mal/FakeAV-OP | 4.98 |
| Trend Micro | TROJ_GEN.R011C0OJL15 | 10.465.23 |
| VIPRE Antivirus | Trojan.Win32.Generic | 48778 |
| Zillya! Antivirus | Trojan.FakeAV.Win32.301751 | 2.0.0.2799 |

File size:
1.6 MB (1,692,040 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) HNSPRING

Original file name:
ClientManage.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\mzdclient.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/1/2012 8:00:00 AM

Valid to:
11/1/2015 7:59:59 AM

Subject:
CN=Changsha Spring Culture Communications Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Changsha Spring Culture Communications Ltd., L=Changsha, S=Hunan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
55ECCB2274BCF4877B864F67ED1D1B49

File PE Metadata
Compilation timestamp:
8/3/2013 5:30:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x4D4000

Entry point:
60, BE, 00, B0, 73, 00, 8D, BE, 00, 60, CC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 

Entropy:
7.9327

Packer / compiler:
UPX 2.90LZMA

Code size:
1.6 MB (1,679,360 bytes)
