» ryu+ga+gotoku+of+the+end_10924_i85425690_il345.exe
Overview
Analysis
File Details

ryu+ga+gotoku+of+the+end_10924_i85425690_il345.exe

WinZip

KASHTAN OOO

The executable ryu+ga+gotoku+of+the+end_10924_i85425690_il345.exe has been detected as malware by 1 anti-virus scanner. This is a setup and installation application and has been known to bundle potentially unwanted software.

File name:

Publisher:

WinZip Computing, S.L. (signed by KASHTAN OOO)

Product:

WinZip

Description:

WinZip Installer

Version:

1.0.28.1

MD5:

c710c4be5fe1701d584a9e86d78449d8

SHA-1:

2bc77a5beb248c0eb1c60aaa672921dd4316b781

SHA-256:

dcc7642df6221b766c855866b6443a973b853ab02bc8baafb6445aa0f187cbdf

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

5/14/2024 11:46:14 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.3.11.23

File size:

3.3 MB (3,465,104 bytes)

Product version:

1.0.28.1

WinZip Computing

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\programs\ryu+ga+gotoku+of+the+end_10924_i85425690_il345.exe

Digital Signature

Signed by:

KASHTAN OOO

Authority:

Thawte, Inc.

Valid from:

7/5/2015 5:00:00 AM

Valid to:

5/22/2016 4:59:59 AM

Subject:

CN=KASHTAN OOO, O=KASHTAN OOO, L=Naberezhnye Chelny, S=Tatarstan republic, C=RU

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

468BE39F7FCABE2D4D2D070862DD916B

File PE Metadata

Compilation timestamp:

11/16/2015 1:32:48 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x3458B8

Entry point:

68, 47, 16, 26, 6C, E8, E8, 98, FD, FF, 98, DA, 0A, BA, 9E, 87, B7, F3, 53, 14, B1, A0, 03, CB, D2, CB, 0F, BD, DC, F9, 8B, 5D, F4, 84, D5, 0F, B7, 0C, 4B, 66, 3B, EF, 66, 85, ED, 89, 4D, F0, 81, FA, 00, 00, 00, 01, E9, A8, 75, FF, FF, 7C, 3B, 16, 65, E2, 5E, 63, EE, 9A, CC, 41, 50, EF, 9A, A4, 4B, F7, EF, 9A, 36, 7C, 53, 16, 65, 7C, EB, F0, 10, 65, 2E, 51, 55, E9, 9A, 3D, F6, 2A, EF, 9A, FB, E5, B8, EF, 9A, D7, C2, DC, 6C, BA, E1, 64, 65, 01, 2C, 50, 43, EA, F7, 12, 65, 85, 84, 37, 10, 65, 33, E9, CB, E8... 
[+]

Entropy:

7.5826

Code size:

2.9 MB (3,012,608 bytes)

Remove ryu+ga+gotoku+of+the+end_10924_i85425690_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.