Gridinsoft Logo
File Icon

The winzip28-downwz.exe (WinZipStub Installer) File Analysis

Updated 1 year ago
Checked by Malware Check
winzip28-downwz.exe

Technical Analysis

File Name winzip28-downwz.exe
File Type
PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.143.174
Database Version 2023-10-24 19:01:46 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
2,940,624
File Size (bytes)
2023-10-24
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
beca3a1fbe8b525f47bf01d3fd75246f
SHA1
678629c034660c27130256ceec14413a179f9849
SHA256
63dc21555eebe2bf8c44b095a2b95266de580ef7ef7e80520803a39efc8721b1
SHA512
b574b3d3481f47fbf9a757f263ed4cd4907774d563a9d6ec8eed47086a3e36787e26dfc4fc88bdd05fe60bff7842e427bb623f3a7524731874b53f34467ecd1b
ImpHash
10514f44e4fd4b5b8e51494a6703d9ee

PE Analysis

Basic Information

Icon
Hash: c949113eafa043e889f92333bea10522
Fuzzy: 3017991b989b058310fe9b77254373f7
dHash: f4d8d8dad8c8c4c1
Image Base 0x00400000
Entry Point 0x0058b11a
Compilation Time 2023-09-22 02:04:13
Checksum 0x002ce945 (Actual: 0x002ce945)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
Digital Signature OK
Imports 11 libraries
Exports 0 functions
Resources 7 Resources
Sections 6 Sections

Digital Signatures

DigiCert Trusted Root G4 DigiCert, Inc. (US)
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 Corel Corporation (CA)

Version Information

Translation 0x0000 0x04b0
CompanyName WinZip Computing
FileDescription WinZipStub Installer
FileVersion 28.0.15640.0
InternalName WinZipStubInstaller.exe
LegalCopyright (c) 2015-2023 Corel Corporation All rights reserved.
ProductName WinZipStub
ProductVersion 28.0.15640.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 2,107,952 bytes 2,108,416 bytes 6.57 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D5970D36CE294A661C49B53D93E1786B
.rdata 0x00204000 460,562 bytes 460,800 bytes 4.99 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B127040EB5475CAF457BFCC45B8CF782
.data 0x00275000 57,660 bytes 34,304 bytes 5.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 8930F5AE07D079B8FE6C5C80E108E0E3
.data_1 0x00284000 28 bytes 512 bytes 0.34 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0C491D35AA5B37101208B14CA5F518AF
.rsrc 0x00285000 21,272 bytes 21,504 bytes 5.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D4E2524A6A0317BC99C18DE58382733A
.reloc 0x0028b000 165,188 bytes 165,376 bytes 6.58 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 3AFF4EF84B9A894DA442D4821A6C8224
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 7 (20,781 bytes)
Resource Type Count Total Size Percentage
RT_ICON 3 17,790 bytes
85.6%
RT_DIALOG 1 156 bytes
0.8%
RT_GROUP_ICON 1 48 bytes
0.2%
RT_VERSION 1 774 bytes
3.7%
RT_MANIFEST 1 2,013 bytes
9.7%

Certificate Chain Analysis

Certificate #1
Subject DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
DigiCert, Inc.
US
Issuer DigiCert Trusted Root G4
Serial Number 11533403529598586876501374841704918745
Certificate #2
Subject Corel Corporation
Corel Corporation
CA
Issuer DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Serial Number 17037126910609742952649751489588005762
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware