» zaavsetupweb_142_255_000.exe
Overview
Analysis
File Details
Downloads (1)

zaavsetupweb_142_255_000.exe

ZoneAlarm

Check Point Software Technologies Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from download.zonealarm.com.

File name:

Publisher:

Check Point Software Technologies Ltd. (signed and verified)

Product:

ZoneAlarm

Version:

14.2.255.0

MD5:

dd94b771afad4c61bfb6ea53daf08cc9

SHA-1:

f67c8b9bcf0031253ed7d61cc60b9bfcdd560694

SHA-256:

829b3e6b8322ac1278476d82ff38efdfe6b2e33bdc5ff2a825852b8ca5e5cc9d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 3:37:05 PM UTC (today)

File size:

3.4 MB (3,516,000 bytes)

Product version:

14.2.255.0

Original file name:

Install.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\programs\zaavsetupweb_142_255_000.exe

Digital Signature

Signed by:

Check Point Software Technologies Ltd.

Authority:

Symantec Corporation

Valid from:

12/21/2015 3:00:00 AM

Valid to:

12/21/2018 2:59:59 AM

Subject:

CN=Check Point Software Technologies Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Check Point Software Technologies Ltd., L=Ramat-Gan, S=Ramat-Gan, C=IL

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

61D73145ADE15140CEE8B9F52BA0DF43

File PE Metadata

Compilation timestamp:

6/16/2016 3:58:24 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:24KNrsmd+D0T0jTvhDtcZ7HlElDrP0jMPhZgRk+YbQ3gxhCRs8NLPipLv1M3eyfo:2HNKtc12cjcLgOTQQDCRsCTipBI

Entry address:

0x6725E

Entry point:

E8, 12, 9B, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 8B, 4D, 08, 53, 56, 57, 33, FF, 89, 7D, FC, 3B, CF, 0F, 84, 82, 00, 00, 00, 8B, 55, 0C, 3B, D7, 75, 07, 39, 7D, 10, 75, 76, EB, 05, 39, 7D, 10, 74, 6F, 39, 7D, 14, 75, 07, 39, 7D, 18, 75, 65, EB, 05, 39, 7D, 18, 74, 5E, 39, 7D, 1C, 75, 07, 39, 7D, 20, 75, 54, EB, 05, 39, 7D, 20, 74, 4D, 39, 7D, 24, 75, 43, 39, 7D, 28, 75, 43, 33, C0, 40, 8B, F1, 66, 39, 3E, 74, 07, 48, 46, 46, 3B, C7, 77, F4, 66, 83, 3E, 3A, 75, 38, 3B, D7, 74, 19, 83, 7D, 10... 
[+]

Entropy:

7.7410 (probably packed)

Code size:

641 KB (656,384 bytes)

The file zaavsetupweb_142_255_000.exe has been seen being distributed by the following URL.

http://download.zonealarm.com/bin/free/.../zaAvSetupWeb_142_255_000.exe

Scan zaavsetupweb_142_255_000.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.