home

zipreader.exe

ZIPReader

PKWARE, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.google.com and multiple other hosts.
Publisher:
PKWARE, Inc.  (signed and verified)

Product:
ZIPReader

Description:
ZIP Reader (Unicode)

Version:
14.0.1029.0

MD5:
b19aba5382ec17021ecdd8e7d81302e3

SHA-1:
4f97f104fa206d7e8a9dbf6fdab571b2b0dd0686

SHA-256:
d39835db020eeda7fc1158ee69f8cd843fdc49a45881d33bc24b2b1ed3fe609c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 2:33:06 PM UTC  (today)

File size:
3.3 MB (3,466,696 bytes)

Product version:
14.00.0010

Copyright:
Portions copyright (C) 1989-2012 PKWARE, Inc.

Trademarks:
PKWARE, PKZIP, PKUNZIP, PKSFX, and SecureZIP are registered trademarks of PKWARE, Inc.

Original file name:
ZIPReader0.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
PKWARE, Inc.

Authority:
VeriSign, Inc.

Valid from:
5/10/2011 7:00:00 PM

Valid to:
5/7/2014 6:59:59 PM

Subject:
CN="PKWARE, Inc.", OU=Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="PKWARE, Inc.", L=Brown Deer, S=Wisconsin, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
299A1F243ED99C987146A78C78DBBF06

File PE Metadata
Compilation timestamp:
6/5/2012 9:46:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:spBlDc0rNK3ElSqNwSTgnSAJyigzYI1KH9yVTuOHy7eOU:spBlQINdSVSpnzYOY17o

Entry address:
0x1ECE5F

Entry point:
E8, 8F, AC, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, 68, 81, 69, 00, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, A8, D8, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, 98, D8, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, 19, 01, 00, 00, 8B, 4D, 10, 8D, 55, E8, 89, 53, FC, 8B, 5B, 0C, 89, 45, E8, 89, 4D, EC, 83, FB, FE, 74, 5F, 8D, 49...
 
[+]

Code size:
2.2 MB (2,265,088 bytes)

The file zipreader.exe has been seen being distributed by the following 12 URLs.

https://www.google.com/url?hl=en&q=https://urldefense.proofpoint.com/.../url?u=http-3A__pkware.cachefly.net_products_Reader_ZIPReader.exe&d=BQMFAg&c=j-EkbjBYwkAB4f8ZbVn1Fw&r=_aIVSi-En-QR8FEGj0v_j7A31qZeuB7hOs0ohrTcjow&m=X31qhc-RoBiPf5bHo3tEQl0qckH6GoKKhijCS740zQU&s=B-1hRt0hNsaUeEnnYOMOs-SnsFraC-bpOHavXba4T-Q&e=&source=gmail&ust=1486201465934000&usg=AFQjCNHZZ8mNeB66qRPKoK0wbEe_y7fhpA

https://www.google.com/url?hl=fr&q=http://pkware.cachefly.net/products/.../ZIPReader.exe&source=gmail&ust=1480590953875000&usg=AFQjCNFhRTJVi6u5MPy1XuVtYkDVHA-v4g

&onid=2250&oid=3001-2250_4-10228628&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-compression&topicbrcrm=&pid=14265902&mfgid=50928&merid=50928&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=5511e8481e5846ce8e8f08af&viewguid=fcttvssv9U0tfdRXQdKyg4wZvnI2efiPN5IH&destUrl=http://files.downloadnow.com/s/software/14/26/59/.../ZIPReader.exe

http://a.tuviviet.net/v2106xm/2015/4/.../zip-reader-140.exe

http://www.tamindir.com/indir/MjAxNS0wNC0xNiAwODoxODoxOA==/zip-reader/.../14.0.1029.0

https://www.google.com/url?hl=en&q=http://pkware.cachefly.net/products/.../ZIPReader.exe&source=gmail&ust=1466563491561000&usg=AFQjCNGwyQPdl9uCExwVCUwx3iVGo4NIUA

http://files.downloadnow-2.com/s/software/14/26/59/.../ZIPReader.exe

&onid=2250&oid=3001-2250_4-10228628&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-compression&topicbrcrm=&pid=14265902&mfgid=50928&merid=50928&ctype=dm&cval=NONE&devicetype=desktop&pguid=8094bfa37ff5f33476f40582&viewguid=aymsil0HnJOB7H@0fyfzhRnKJ9dEDYiTvKNr&destUrl=http://software-files-a.cnet.com/s/software/14/26/59/.../ZIPReader.exe

https://pkware.cachefly.net/products/.../ZIPReader.exe

http://files.downloadnow.com/s/software/14/26/59/.../ZIPReader.exe

http://software-files-a.cnet.com/s/software/14/26/59/.../ZIPReader.exe

http://pkware.cachefly.net/products/.../ZIPReader.exe

Scan zipreader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.