winzipr.exe

MD5:
41d60f907d8124181f9b8fcaf7592c2e

SHA-1:
91daba95829322ae101ccdfaf77160e3748eb831

SHA-256:
765a1526fdc24ecb85c0bfa6bdf13977c85f97f60533dfdad6b5199ebf5a8d8f

Scanner detections:
8 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/18/2024 2:47:31 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Suspicious | 7.1.1 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.63.22 |
| AVG | Suspicion: unknown virus | 2015.0.3311 |
| Comodo Security | UnclassifiedMalware | 15397 |
| McAfee | Artemis!41D60F907D81 | 5600.6967 |
| Trend Micro House Call | TROJ_GEN.RCBH1IP | 7.2.298 |
| Vba32 AntiVirus | suspected of Crafted.Win32File.OLS | 3.12.20.2 |
| VIPRE Antivirus | FraudTool.Win32.SecurityShield.ek!c | 15772 |

File size:
1.1 MB (1,171,456 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\archsoft\winzipr.exe

File PE Metadata
Compilation timestamp:
4/22/2011 12:51:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:HC4M91piiikNfpvxBLSSVGLc7EAfqja5+VYdezlrjiCgJicUth/i:3cIIJtGo7jaqOYgqtvEE

Entry address:
0xAA000

Entry point:
60, E8, 00, 00, 60, 11, 00, 00, 51, 0F, CA, F7, D2, 9C, F7, D2, 4E, 0E, 00, 00, B9, EB, 0F, B8, EB, 07, B9, EB, 7D, 0A, 00, 00, FD, EB, 0B, F2, A2, 21, 00, 00, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 04, 14, 00, 00, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, 51, 26, 00, 00, F7, D2, 0F, CA, EB, 0F, B9, EB...
 

Packer / compiler:
ASPack v1.08.04

Code size:
444 KB (454,656 bytes)

Scan winzipr.exe - Powered by Reason Core Security