winzipper.exe

The application winzipper.exe has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup program used to install the application. The file has been seen being downloaded from www.goplayer.cc.
MD5:
795bd4147806f00330739a3682955b4d

SHA-1:
5c79871e7baf114b0d8399f9164bff2f969fa00c

SHA-256:
0fbdc1edf9a6184ae92381d543dd755379bc594985dc5f425e7609af0cd01f72

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 6:43:34 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ELEX.WinZipper (M)

Engine version:
16.5.3.13

File size:
2.9 MB (3,092,144 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\winzipper.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:fQXcm2PNms9D6W8GM2QYPDoRtZVVVfX5spOO/VOEIg6JCEBUgNZ7ZUM4kux6/t7b:fQXcmam+BM2QADoJVVVfX5spOO/VJICy

Entry point:
03, D0, 58, 33, 17, 72, C6, 39, 9F, E1, F6, E5, 5A, 5D, 0E, 51, EC, 24, A7, DB, DC, A6, 27, C1, C1, 56, 27, 26, 7C, E6, 13, 1A, A5, 66, 74, 72, F8, 74, 30, AD, 85, B1, 95, AB, 4B, C6, 87, F9, 16, 01, 8B, E5, 98, 6B, D5, 3A, BA, 87, 4B, 60, 2D, 97, DA, 83, B7, 3E, E4, AB, E5, 01, 4C, 7E, 58, 71, 65, 58, 94, D7, 90, F2, EA, 54, AE, F9, D7, 7C, B2, BB, BC, 04, B3, 1C, D7, 18, 12, 29, 05, 6A, 1E, 1B, 87, 82, 9B, C6, 4B, B7, 7B, 71, E5, 2F, A3, 2B, 8E, 76, E8, A9, 73, F9, 2A, ED, E1, 47, 44, 89, 4A, 41, EE, 9B...
 

The file winzipper.exe has been seen being distributed by the following URL.
