home

zookpluginserver.exe

sec_citrix_201005

Mastersoft Corp.

It runs as a windows Service named “ZOOKPlugin Server”.
Publisher:
Mastersoft  (signed by Mastersoft Corp.)

Product:
sec_citrix_201005

Description:
ezHelpServer

Version:
1, 0, 1, 48

MD5:
c89fee7fa194b6309895cbddd79e9bfb

SHA-1:
08050afce5c606121efdd9a7f9692eb646d9e75a

SHA-256:
9ee8f34f7e71f25b60d3c822cb7c09206cad86c8cb59f1ef9d00e04cc2c4923f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:24:14 PM UTC  (today)

File size:
1.3 MB (1,364,928 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (c) Mastersoft. All rights reserved.

Original file name:
ezHelpServer.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Mastersoft Corp.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/4/2009 9:00:00 AM

Valid to:
11/5/2011 8:59:59 AM

Subject:
CN=Mastersoft Corp., O=Mastersoft Corp., L="Seocho-gu ", S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
31CC19D889E2E985F7D3FE8160731BC4

File PE Metadata
Compilation timestamp:
1/10/2011 10:56:11 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:XDRHyDg+i7+qgYVUPSsn9f+bM5zVut2cN/zkD5Y+VMYQg:XDAgmqgYVUPT+bM5zVutZb2LL

Entry address:
0x8B700

Entry point:
E8, D0, AA, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 3D, 64, 97, 4D, 00, 00, 56, 8B, 35, 4C, 77, 4D, 00, 75, 04, 33, C0, EB, 63, 57, 85, F6, 75, 1B, 39, 35, 54, 77, 4D, 00, 74, 53, E8, 3E, AC, 00, 00, 85, C0, 75, 4A, 8B, 35, 4C, 77, 4D, 00, 85, F6, 74, 40, 83, 7D, 08, 00, 74, 3A, FF, 75, 08, E8, 4F, BC, FF, FF, 59, 8B, F8, EB, 27, 50, E8, 44, BC, FF, FF, 59, 3B, C7, 76, 19, 8B, 06, 80, 3C, 38, 3D, 75, 11, 57, FF, 75, 08, 50, E8, E6, AB, 00, 00, 83, C4, 0C, 85, C0, 74, 0F, 83, C6, 04, 8B, 06, 85...
 
[+]

Entropy:
6.3480

Code size:
742 KB (759,808 bytes)

Service
Display name:
ZOOKPlugin Server

Service name:
ZOOKPluginServer

Type:
Win32OwnProcess, InteractiveProcess


Scan zookpluginserver.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.