home

ZBrowser.exe

Zaycev.net

LLC Pentagon

The application ZBrowser.exe by LLC Pentagon has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
ZAYCEV MEDIA GROUP LTD  (signed by LLC Pentagon)

Product:
Zaycev.net

Description:
ZBrowser

Version:
1.0.5251.24719

MD5:
58bf160c9d6010f5b0fbc9b3562ba74a

SHA-1:
c9b77170cd4cf7a309a90be0a258c8b89ae51468

SHA-256:
8aadbd62a698263a0738435fe359d04b0f5a352ac89e31b095807636c5284737

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 12:35:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Pentagon (M)
16.6.20.2

File size:
4.3 MB (4,487,736 bytes)

Product version:
1.0.5251.24719

Copyright:
Copyright © itemaX 2013

Original file name:
ZBrowser.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\zbrowser\shadow\zbrowser.browser\zbrowser.exe

Digital Signature
Signed by:
LLC Pentagon

Authority:
VeriSign, Inc.

Valid from:
5/15/2014 4:00:00 AM

Valid to:
4/10/2015 3:59:59 AM

Subject:
CN=LLC Pentagon, O=LLC Pentagon, L=Chelyabinsk, S=Chelyabinsk oblast, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6953C3B39EC862D3EEFA6D7971B66B07

File PE Metadata
Compilation timestamp:
5/18/2014 11:44:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:Bojot1UzbKTeU1n/7j5qNc18YgNbd+lKyP5cMr7Y4X/0rq:31abKv5e9ddKcC7Yaj

Entry address:
0x4216EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4.1 MB (4,323,328 bytes)

Remove ZBrowser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.