partnership.zip.exe

ucc22

The application partnership.zip.exe by ucc22 has been detected as a potentially unwanted program by 11 anti-malware scanners.

Publisher:
ucc22 (signed and verified)

MD5:
898713896a60106d42a24b5e018f264b

SHA-1:
fb5c2458de0e241d263255744603a967331efae9

SHA-256:
c8951b083b0e460714033d360c0504202a8e44fe97c768d40306de137c8a7618

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 2:50:05 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | SPR/Tool.1362810 | 7.11.102.58 |
| avast! | Win32:Adware-ADP [PUP] | 2014.9-160511 |
| AVG | Generic5 | 2017.0.2746 |
| Bitdefender | Application.Generic.470436 | 1.0.20.660 |
| Comodo Security | ApplicUnwnt | 16927 |
| ESET NOD32 | Win32/Adware.Kraddare.FY (variant) | 10.8793 |
| G Data | Application.Generic.470436 | 16.5.22 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.2.0.127 |
| Panda Antivirus | Suspicious file | 16.05.11.09 |
| Trend Micro House Call | TROJ_GEN.RCBH1AH | 7.2.132 |
| VIPRE Antivirus | Trojan.Win32.Generic | 21412 |

File size:
1.3 MB (1,362,808 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\partnership.zip.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
6/13/2012 9:00:00 AM

Valid to:
6/14/2013 8:59:59 AM

Subject:
CN=ucc22, OU=Management, O=ucc22, L=Yongin-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
14BA1A66053A94827BDF1F62C79FBDCD

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:WaweXdpc+qrMwUtWwaFJymx4FyPsQVpXStquB14C9rYRH6oC8y:WAQMwoCXScub4uURHy8y

Entry address:
0x114E08

Entry point:
55, 8B, EC, 83, C4, F0, B8, E8, 46, 51, 00, E8, AC, 1D, EF, FF, 33, C0, 55, 68, 64, 4E, 51, 00, 64, FF, 30, 64, 89, 20, A1, 0C, DB, 51, 00, 8B, 00, E8, 06, 33, FB, FF, 8B, 0D, 20, DD, 51, 00, A1, 0C, DB, 51, 00, 8B, 00, 8B, 15, 5C, F6, 50, 00, E8, 06, 33, FB, FF, A1, 0C, DB, 51, 00, 8B, 00, E8, 7A, 33, FB, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 6B, 4E, 51, 00, C3, E9, 53, F2, EE, FF, EB, F8, E8, 38, F8, EE, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.6737

Developed / compiled with:
Microsoft Visual C++

Code size:
1.1 MB (1,130,496 bytes)
