home

zipse.exe

Self Extractor

MyPublisher Inc.

Publisher:
MyPublisher  (signed by MyPublisher Inc.)

Product:
Self Extractor

Description:
zipse

Version:
1, 0, 0, 1

MD5:
d5d7b00b0cfe5bbc12f33278f7d0e0ee

SHA-1:
ed57b34049a4ac53a2afb6b7ccb65fa0575692cf

SHA-256:
a7b3b8e21dd6fe800e3462f979817f5b093ee6c87052ba3a0ba17607e0c087b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:06:07 AM UTC  (today)

File size:
37.5 MB (39,335,712 bytes)

Product version:
0.0.0.0000

Copyright:
Copyright © 2006

Original file name:
zipse.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\1f77.tmp

Digital Signature
Signed by:
MyPublisher Inc.

Authority:
VeriSign, Inc.

Valid from:
9/16/2012 7:00:00 PM

Valid to:
11/13/2015 5:59:59 PM

Subject:
CN=MyPublisher Inc., OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MyPublisher Inc., L=Valhalla, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3D72BD73320219623B366E3D32AA76D2

File PE Metadata
Compilation timestamp:
6/16/2015 4:36:58 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:sg5h1tigwEnr4mRP4PcWORAbetVa4pGDlsNWzOL+cwiBxqRQTxn5:tjr7rlF4DORAbeK4VkNi3oQTj

Entry address:
0x832F

Entry point:
E8, 26, 2F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, A2, 2F, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 20, 11, 00, 00, 85, C0, 74, 0A, E8, 17, 11, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 28, 5C, 41, 00, FF, 15, 58, F0, 40, 00, 85, C0, 75, 18, 56, E8, E7, 10, 00, 00, 8B, F0, FF, 15, 0C, F0, 40, 00, 50, E8, 97, 10, 00, 00, 59, 89...
 
[+]

Entropy:
7.9995  (probably packed)

Code size:
54 KB (55,296 bytes)

The file zipse.exe has been seen being distributed by the following URL.

http://assets.mypublisher.com/software/.../MyPublishersetup-USD-en-US.exe

Scan zipse.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.