» zadig_xp.exe
Overview
Analysis
File Details
Downloads (1)

zadig_xp.exe

Zadig

Akeo Consulting

This is a setup program which is used to install the application. The file has been seen being downloaded from companion9x.googlecode.com.

File name:

zadig_xp.exe

Publisher:

akeo.ie (signed by Akeo Consulting)

Product:

Zadig

Version:

2.0.1.160

MD5:

aa172567fb85cdc65edca10aa4b08083

SHA-1:

690a3a871d59ecc31a0461ad95c6bbbf935ccd3f

SHA-256:

e876d1b0cfa9d2e0f1f29655e01ff8d193fec41135bac091495a635d07c7ee18

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 1:53:56 AM UTC (today)

File size:

6.5 MB (6,847,120 bytes)

Product version:

2.0.1.160

Trademarks:

http://www.gnu.org/copyleft/gpl.html

Original file name:

zadig.exe

File type:

Executable application (Win32 EXE)

Language:

English

Digital Signature

Signed by:

Akeo Consulting

Authority:

COMODO CA Limited

Valid from:

11/12/2012 12:00:00 AM

Valid to:

11/12/2017 11:59:59 PM

Subject:

CN=Akeo Consulting, O=Akeo Consulting, STREET="24, Grey Rock", L=Milford, S=Co. Donegal, PostalCode=Co. Donegal, C=IE

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

47D73D146614770CB3DAAF5502C48D9C

File PE Metadata

Compilation timestamp:

11/14/2012 11:47:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

98304:I3h1DOeFVJ2HBc/lw+7Z2ans8GVoLd+GnhojkzBAw7uiDtN0A0AZ4lBkCOXF:I3TlsctdF2ansBGdPnuw7uiD4FECEF

Entry address:

0x14C0

Entry point:

83, EC, 0C, C7, 05, 5C, 57, A3, 00, 01, 00, 00, 00, E8, 0E, 68, 01, 00, 83, C4, 0C, E9, A6, FC, FF, FF, 8D, B6, 00, 00, 00, 00, 83, EC, 0C, C7, 05, 5C, 57, A3, 00, 00, 00, 00, 00, E8, EE, 67, 01, 00, 83, C4, 0C, E9, 86, FC, FF, FF, 90, 90, 90, 90, 90, 90, 83, EC, 3C, 89, 7C, 24, 34, 8B, 7C, 24, 44, 89, 5C, 24, 2C, 8B, 5C, 24, 40, 89, 74, 24, 30, 8B, 74, 24, 48, 89, 6C, 24, 38, 83, FF, 20, 74, 3C, 8B, 44, 24, 4C, 89, 74, 24, 0C, 89, 7C, 24, 08, 89, 5C, 24, 04, 89, 44, 24, 10, A1, E8, 64, A3, 00, 89, 04, 24... 
[+]

Entropy:

7.6748

Code size:

113 KB (115,712 bytes)

The file zadig_xp.exe has been seen being distributed by the following URL.

https://companion9x.googlecode.com/.../zadig_xp.exe

Scan zadig_xp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.