home

webzip71_setup.exe

WebZIP

Spidersoft

This is a setup and installation application. The file has been seen being downloaded from www.traidnt.net and multiple other hosts.
Publisher:
Spidersoft

Product:
WebZIP

Description:
WebZIP Setup Application

Version:
7.1.2.52

MD5:
1cbef3ae114cd2fdb881b979b0fab680

SHA-1:
86d764bb8ae31ef62bf5e515e0b7315e74ab4e69

SHA-256:
a245a70b88990652576aaf25a18e0fe2a5a4453caa8d9358abe421e01eae9a8f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 12:57:02 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4613

File size:
1.4 MB (1,430,703 bytes)

Product version:
7.1.2.1052

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\webzip71_setup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:cM6Mf9mqFFsI2XMUZfRfpJKbdKNrmMlB5q98dUtVLI2qUi/oDorHmptrb4m9AMTN:ZlmqFFr2cUZRKQNjvY2UrLIToDmHmpp/

Entry address:
0x63042

Entry point:
B8, 00, 30, 46, 00, 68, 58, 06, 42, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 66, 9C, 60, 50, 68, 00, 00, 40, 00, 8B, 3C, 24, 8B, 30, 66, 81, C7, 80, 07, 8D, 74, 06, 08, 89, 38, 8B, 5E, 10, 50, 56, 6A, 02, 68, 80, 08, 00, 00, 57, 6A, 24, 6A, 06, 56, 6A, 04, 68, 80, 08, 00, 00, 57, FF, D3, 83, EE, 08, 59, F3, A5, 59, 66, 83, C7, 68, 81, C6, 34, 01, 00, 00, F3, A5, FF, D3, 58, 8D, 90, B8, 01, 00, 00, 8B, 0A, 0F, BA, F1, 1F, 73, 16, 8B, 04, 24, FD, 8B, F0, 8B, F8, 03, 72, 04, 03, 7A, 08, F3...
 
[+]

Packer / compiler:
Petite 2.2

Code size:
118.5 KB (121,344 bytes)

The file webzip71_setup.exe has been seen being distributed by the following 8 URLs.

http://www.traidnt.net/vb/safety_link.php?url=http://www.spidersoft.com/.../webzip71_setup.exe

http://cdn.portalprogramas-download.com/d/.../WebZIP

http://webzip.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPm/eURI0r2 Z1Ex4HTkguiuZyHJud643DM7EmpZq9imToA0z9tH3e6uPiw5y5Vr1EJ9MEJoj/.../s=

http://gsf-cf.softonic.com/86d/764/.../file?SD_used=0&channel=WEB&fdh=no&id_file=4872&instance=softonic_fr&type=PROGRAM&Expires=1432960765&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Y4okdTksNztIMJ9xoI~mdF4zaC1-pkiuQH0MLtBRgXcOgLfxvNSwyUlj4r4CP53XOZu2EIf3hEY5nbFvv9kL7wtgTqi-b10~ibKi6z1nX6unkTRkuPXi6zf8ribGz5z~l4vhzAJKyKOEkHXTmMJLGIhMxTK4MLIpqlApij8797g_&filename=webzip71_setup.exe

http://gsf-cf.softonic.com/86d/764/.../file?SD_used=0&channel=WEB&fdh=no&id_file=4872&instance=softonic_es&type=PROGRAM&Expires=1432740919&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=i1R4ZEe61KuEsTMcjvFCzqalgkq9ZoOphd-EKKM03FUheTkXvVBi2PE1WAj5cZQdTSJk2IKg6YKk9ThniaJj8abmHntXkKYhaIYD3~ZB8i3sJu7M7ZVTsvuwAj9sBMXsYkXJVnCqKk~sCPz3gBb3Z38EGVjsXtC4Q6tHsJs5TBI_&filename=webzip71_setup.exe

http://webzip.fr.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPm/eURI0r2 Z1Ex4HTkguiuZyHJud643DM7EmpZq9imToA0z9tH3e6uPiw5y5Vr1EJ9MEJoj/.../s=

http://soft.mydiv.net/win/dlfile993a2_238479/.../webzip71_setup.exe

http://www.spidersoft.com/.../webzip71_setup.exe

Scan webzip71_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.