home

WinzipMalwareProtector.exe

WinZip Malware Protector

WinZip Computing LLC

Publisher:
Nico Mak Computing  (signed by WinZip Computing LLC)

Product:
WinZip Malware Protector

Version:
2.1.1000.15248

MD5:
a8cbb4373da10e59e06560e26be82e4d

SHA-1:
49e897e289d8c213e9b237f0c0c0cb53ab6ebb43

SHA-256:
de45496e01027e289e48782f32d44b6068bc4e02168b35b88e14dfbf61bc06ea

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/18/2024 1:04:49 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clodc46.Trojan
1.3.0.4613

ESET NOD32
MSIL/AdvancedSystemProtector (variant)
10.9160

McAfee
Artemis!1BE78DA8AF38
5600.6492

Trend Micro House Call
TROJ_GEN.F47V1004
7.2.42

File size:
6.5 MB (6,789,320 bytes)

Product version:
2.1.1000.15248

Copyright:
Copyright © 2013 Systweak Inc. All rights reserved.

Original file name:
WinzipMalwareProtector.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\winzip malware protector\winzipmalwareprotector.exe

Digital Signature
Signed by:
WinZip Computing LLC

Authority:
GlobalSign nv-sa

Valid from:
7/9/2013 11:49:58 AM

Valid to:
7/10/2015 11:49:58 AM

Subject:
E=help@winzip.com, CN=WinZip Computing LLC, O=WinZip Computing LLC, L=Storrs Mansfield, S=CT, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112144096D1CB7E1128D086CAB8DEEAB88F2

File PE Metadata
Compilation timestamp:
4/17/2015 2:40:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:h9HoJehzMMmj3eDQ/r14Rd7hvjRQKEw7Vqqx0BnLx9:zo4hgM3Q/rq7Tx0BnLx9

Entry address:
0x6712DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0212

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.4 MB (6,747,136 bytes)

Scan WinzipMalwareProtector.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.