home

wzcline.exe

WinZip Computing, Inc.

The program is a setup application that uses the WinZip SFX installer. The file has been seen being downloaded from telechargement2.pcastuces.com.
Publisher:
WinZip Computing, Inc.  (signed and verified)

MD5:
464327f96b32a7d190091b7c8afa0f81

SHA-1:
0f1e5f736a11121d0906d58aba2866ead47f8a83

SHA-256:
60448955f3b3760ff09cdf9b0a1d52c4996bdae4bade4a5ac4c50a71d1adee4b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:27:10 AM UTC  (today)

File size:
281.5 KB (288,232 bytes)

File type:
Executable application (Win32 EXE)

Installer:
WinZip SFX

Digital Signature
Signed by:
WinZip Computing, Inc.

Authority:
VeriSign, Inc.

Valid from:
4/13/2000 2:00:00 AM

Valid to:
4/13/2001 1:59:59 AM

Subject:
CN="WinZip Computing, Inc.", L=Mansfield, S=CT, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:
OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:
5AC5C50620437D42573FE25E2726CBC1

File PE Metadata
Compilation timestamp:
5/9/2000 7:16:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.10

CTPH (ssdeep):
6144:Uj/YjxSZVXt8gdoJUt7vwP9iP55DKMEDAJghs:Uj/sidd574P9iP55DLEDAJghs

Entry address:
0x3E8C

Entry point:
53, FF, 15, 4C, 70, 40, 00, B3, 22, 38, 18, 74, 03, 80, C3, FE, 8A, 48, 01, 40, 33, D2, 3A, CA, 74, 0A, 3A, CB, 74, 06, 8A, 48, 01, 40, EB, F2, 38, 10, 74, 01, 40, 52, 50, 52, 52, FF, 15, 50, 70, 40, 00, 50, E8, C5, F3, FF, FF, 50, FF, 15, 54, 70, 40, 00, 5B, C3, 8B, 44, 24, 04, 8B, 40, 3C, 05, F8, 00, 00, 00, C3, 55, 8B, EC, 51, A1, 88, 95, 40, 00, 83, 0D, 20, 94, 40, 00, FF, 56, 33, F6, 39, 35, 54, 8F, 40, 00, 89, 35, 4C, 95, 40, 00, 89, 35, 84, 95, 40, 00, A3, 04, 97, 40, 00, 75, 05, E8, A0, D3, FF, FF...
 
[+]

Packer / compiler:
WinZip, 0x32-bit SFX v8.x module

Code size:
21 KB (21,504 bytes)

The file wzcline.exe has been discovered within the following program.

TurboPay9  by Consoft Group Ltd.
About 1% of users remove it
 
Powered by Should I Remove It?

The file wzcline.exe has been seen being distributed by the following URL.

http://telechargement2.pcastuces.com/temp6bs2/.../wzcline.exe

Scan wzcline.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.