home

zasetupweb_142_255_000.exe

ZoneAlarm

Check Point Software Technologies Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from indir.gezginler.net and multiple other hosts.
Publisher:
Check Point Software Technologies Ltd.  (signed and verified)

Product:
ZoneAlarm

Version:
14.2.255.0

MD5:
e6a2095a69009dcd6a30a683ed3ffe72

SHA-1:
ef90ff28e53f92fb19dd567cbdd109d5663a2bdd

SHA-256:
a0b0d9bc0b91c7c3803cd8f44870c90ed59125b83cd134d8ab9660c09a51ec21

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:10:48 AM UTC  (today)

File size:
3.4 MB (3,515,928 bytes)

Product version:
14.2.255.0

Copyright:
Copyright © 1998-2016, Check Point, LTD

Original file name:
Install.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\zasetupweb_142_255_000.exe

Digital Signature
Signed by:
Check Point Software Technologies Ltd.

Authority:
Symantec Corporation

Valid from:
12/20/2015 5:00:00 PM

Valid to:
12/20/2018 4:59:59 PM

Subject:
CN=Check Point Software Technologies Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Check Point Software Technologies Ltd., L=Ramat-Gan, S=Ramat-Gan, C=IL

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
61D73145ADE15140CEE8B9F52BA0DF43

File PE Metadata
Compilation timestamp:
6/15/2016 5:07:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Y4KNrsm4+D0TDjTvhDtcZ7Hl/lHS6SWAgrydesg1s+/l0Piw/lo3FsSytBS+:YHNqtc1PIOFsY74iwrz

Entry address:
0x6725E

Entry point:
E8, 12, 9B, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 8B, 4D, 08, 53, 56, 57, 33, FF, 89, 7D, FC, 3B, CF, 0F, 84, 82, 00, 00, 00, 8B, 55, 0C, 3B, D7, 75, 07, 39, 7D, 10, 75, 76, EB, 05, 39, 7D, 10, 74, 6F, 39, 7D, 14, 75, 07, 39, 7D, 18, 75, 65, EB, 05, 39, 7D, 18, 74, 5E, 39, 7D, 1C, 75, 07, 39, 7D, 20, 75, 54, EB, 05, 39, 7D, 20, 74, 4D, 39, 7D, 24, 75, 43, 39, 7D, 28, 75, 43, 33, C0, 40, 8B, F1, 66, 39, 3E, 74, 07, 48, 46, 46, 3B, C7, 77, F4, 66, 83, 3E, 3A, 75, 38, 3B, D7, 74, 19, 83, 7D, 10...
 
[+]

Entropy:
7.7408  (probably packed)

Code size:
641 KB (656,384 bytes)

The file zasetupweb_142_255_000.exe has been seen being distributed by the following 3 URLs.

http://indir.gezginler.net/i/1578/.../

http://dl.cdn.chip.de/downloads/.../zaSetupWeb_142_255_000.exe

http://download.zonealarm.com/bin/free/.../zaSetupWeb_142_255_000.exe

Scan zasetupweb_142_255_000.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.