× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 64a74486a32ad21db2ba1b66ac75c13144099a87caed5df1a6f0309be89efa0f
File name: zipeg
Detection ratio: 0 / 55
Analysis date: 2015-04-17 06:02:58 UTC ( 4 days ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
AVG 20150417
AVware 20150419
Ad-Aware 20150417
AegisLab 20150417
Agnitum 20150417
AhnLab-V3 20150417
Alibaba 20150417
Antiy-AVL 20150417
Avast 20150417
Baidu-International 20150417
BitDefender 20150417
Bkav 20150417
ByteHero 20150417
CAT-QuickHeal 20150417
CMC 20150416
ClamAV 20150417
Comodo 20150417
Cyren 20150417
DrWeb 20150419
ESET-NOD32 20150417
Emsisoft 20150417
F-Prot 20150417
F-Secure 20150417
Fortinet 20150417
GData 20150417
Ikarus 20150417
Jiangmin 20150414
K7AntiVirus 20150417
K7GW 20150417
Kaspersky 20150417
Kingsoft 20150417
Malwarebytes 20150417
McAfee 20150417
McAfee-GW-Edition 20150417
MicroWorld-eScan 20150417
Microsoft 20150417
NANO-Antivirus 20150417
Norman 20150417
Panda 20150417
Qihoo-360 20150417
Rising 20150417
SUPERAntiSpyware 20150417
Sophos 20150417
Symantec 20150417
Tencent 20150417
TheHacker 20150417
TotalDefense 20150417
TrendMicro 20150417
TrendMicro-HouseCall 20150417
VBA32 20150417
VIPRE 20150419
ViRobot 20150417
Zillya 20150417
Zoner 20150417
nProtect 20150417
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (C) 2006-2012 Leo Kuznetsov

Publisher http://www.zipeg.com
Product Zipeg
Original name zipeg.exe
Internal name zipeg
File version 2, 9, 4, 1316
Description Zipeg Archive Explorer
Comments Zipeg Archive Explorer for: zip, rar, arj, 7z, lha, iso, jar, nsis, tar, tgz, bz2, gz, cbr, cbz, war, ear archives
Signature verification The signature of the certificate cannot be verified.
Signers
[+] http://www.zipeg.com
Status The signature of the certificate cannot be verified.
Valid from 1:36 AM 2/8/2007
Valid to 12:59 AM 1/1/2040
Valid usage All
Algorithm MD5
Thumbprint 01B6905D5563FF0DC6E94D89BE8E3B787E34CCF8
Serial number 3F 80 1C BB 0D EA F7 94 49 FB C3 B3 D2 15 52 05
[+] Root Agency
Status The signature of the certificate cannot be verified.
Valid from 11:02 PM 5/28/1996
Valid to 12:59 AM 1/1/2040
Valid usage All
Algorithm MD5
Thumbprint FEE449EE0E3965A5246F000E87FDE2A065FD89D4
Serial number 06 37 6C 00 AA 00 64 8A 11 CF B8 D4 AA 5C 35 F4
Counter signers
[+] Symantec Time Stamping Services Signer - G3
Status Certificate out of its validity period
Valid from 1:00 AM 5/1/2012
Valid to 12:59 AM 1/1/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint 8FD99D63FB3AFBD534A4F6E31DACD27F59504021
Serial number 79 A2 A5 85 F9 D1 15 42 13 D9 B8 3E F6 B6 8D ED
[+] VeriSign Time Stamping Services CA
Status Certificate out of its validity period
Valid from 1:00 AM 12/4/2003
Valid to 12:59 AM 12/4/2013
Valid usage Timestamp Signing
Algorithm SHA1
Thumbrint F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Serial number 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
[+] Thawte Timestamping CA
Status Valid
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm MD5
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-07-17 16:53:21
Link date 5:53 PM 7/17/2012
Entry Point 0x0000EEE2
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExA
InitCommonControlsEx
SetBkColor
GetStockObject
SetTextColor
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetExitCodeProcess
LoadResource
FindClose
TlsGetValue
SetLastError
IsDebuggerPresent
HeapAlloc
RemoveDirectoryA
RaiseException
SetThreadPriority
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateThread
SetEnvironmentVariableW
GetExitCodeThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
MoveFileExA
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
WriteConsoleA
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
ExitThread
GetStartupInfoA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetProcAddress
GetProcessHeap
CompareStringW
FindFirstFileA
CompareStringA
GetTempFileNameA
FindNextFileA
GetTimeZoneInformation
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GetModuleFileNameA
FileTimeToLocalFileTime
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
GetCurrentThread
QueryPerformanceFrequency
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetEnvironmentStrings
CreateProcessA
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
SHChangeNotify
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
CommandLineToArgvW
SetFocus
GetMessageA
UpdateWindow
EndDialog
ShowWindow
DispatchMessageA
MessageBoxA
SetWindowLongA
DialogBoxParamA
SetWindowTextA
wsprintfA
SendMessageA
GetDlgItem
CreateDialogParamA
InvalidateRect
GetWindowLongA
SetTimer
LoadIconA
WaitForInputIdle
GetWindowTextA
IsDialogMessageA
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoCreateInstance
CoUninitialize
OleInitialize
Number of PE resources by type
RT_ICON 21
RT_RCDATA 6
RT_DIALOG 4
RT_GROUP_ICON 4
RT_MANIFEST 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 38
ExifTool file metadata
LegalTrademarks
zipeg

SubsystemVersion
5.0

Comments
Zipeg Archive Explorer for: zip, rar, arj, 7z, lha, iso, jar, nsis, tar, tgz, bz2, gz, cbr, cbz, war, ear archives

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.9.3.1316

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Zipeg Archive Explorer

CharacterSet
Unicode

InitializedDataSize
1581056

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2006-2012 Leo Kuznetsov

FileVersion
2, 9, 4, 1316

TimeStamp
2012:07:17 17:53:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
zipeg

ProductVersion
2, 9, 4, 1316

UninitializedDataSize
0

OSVersion
5.0

OriginalFilename
zipeg.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
www.zipeg.com

CodeSize
116224

ProductName
Zipeg

ProductVersionNumber
2.9.3.1316

EntryPoint
0xeee2

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Execution parents
Compressed bundles
File identification
MD5 882a9b56a23aee87e7b211635b571f4d
SHA1 bc30f9c934d341baf604eb6bc96d64619f33e9e2
SHA256 64a74486a32ad21db2ba1b66ac75c13144099a87caed5df1a6f0309be89efa0f
ssdeep
24576:biNlOeTUXB/wGbYCZni8G07YisGUi8p+zqti8Vg9mtAx23EMHWAKWVsMb+7bw:2Nl1TMxwKYqMfGU0b0PdD2h9bw

authentihash ea49f5cce1b24a4709fa156e0ca5e75a80c3b51309630545d4712f3dd8d7ad6e
imphash d9ea9fbbe6b0bfa95efae1aab83c22cc
File size 1.6 MB ( 1701552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe signed software-collection

VirusTotal metadata
First submission 2012-07-18 11:43:07 UTC ( 2 years, 9 months ago )
Last submission 2015-04-16 10:35:10 UTC ( 4 days, 19 hours ago )
File names test.exe
zipeg-update.exe
output.12355080.txt
A7E58CF4B04E8B3DF65519CAA47B4D006927E6CE.exe
zipeg-2-9-4-1316-en-win.exe
Zipeg_2.9.4.1316.exe
12355080
zipeg-setup.exe
ZipegForWindows.exe
zipeg.2.9.4.1316.exe
zipeg.exe
882a9b56a23aee87e7b211635b571f4d
Zipeg Archive Explorer_2.9.4.1316.exe
octet-stream
Zipeg2941316.exe
zipeg_win.exe
zipeg
zipeg-3222-jetelecharge.exe
myfile
zipeg-setup.exe
file-4753458_exe
zipeg_win.exe
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!