» WinZipper.exe
Overview
Analysis
File Details
Programs (1)

WinZipper.exe

WinZipper

Taiwan Shui Mu Chih Ching Technology Limited

The application WinZipper.exe, “WinZipper application” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program WinZipper by Taiwan Shui Mu Chih Ching Technology Limited. which is a potentially unwanted software program.

File name:

WinZipper.exe

Publisher:

Taiwan Shui Mu Chih Ching Technology Limited. (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:

WinZipper

Description:

WinZipper application

Version:

1.3.11.7571

MD5:

d963a0e793d9f4f3b00cc3383591163d

SHA-1:

af70c082913f4a67732875be8c5503d0deb94ca2

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/5/2024 2:06:48 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Thinknice (M)

16.10.2.6

File size:

472.7 KB (484,008 bytes)

Product version:

1.3.11.7571

Original file name:

WinZipper.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\winzipper\winzipper.exe

Digital Signature

Signed by:

Taiwan Shui Mu Chih Ching Technology Limited

Authority:

GlobalSign nv-sa

Valid from:

3/13/2013 12:45:13 PM

Valid to:

3/14/2014 12:45:13 PM

Subject:

CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=新北, S=台湾, C=TW

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121243D90C81CD8FEC70E99813154FB6459

File PE Metadata

Compilation timestamp:

6/8/2013 10:36:46 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:PfvPwe+faGljoLschp9WiwqA8WYI3dmoILQle8EvI:H3wZfaGtoLmEw

Entry address:

0x47274

Entry point:

E8, 2A, 04, 00, 00, E9, 6B, FD, FF, FF, FF, 25, 2C, F2, 44, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, 51, 6D, 44, 00, 68, 38, 60, 46, 00, E8, 8E, 04, 00, 00, 83, C4, 18, 5D, C3, CC, FF, 25, 28, F2, 44, 00, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 7A, 04, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 64, 04, 00, 00, 8B, FF, 55, 8B, EC, 81, EC, 28... 
[+]

Entropy:

6.4470

Code size:

311 KB (318,464 bytes)

The file WinZipper.exe has been discovered within the following program.

WinZipper by Taiwan Shui Mu Chih Ching Technology Limited.

The free and trial versions bundle various potentually unwanted toolbars and web browser extensions including the AVG Toolbar which modifies the browser's search and home page settings..

www.winzipper.com

75% remove it

Remove WinZipper.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.