The ZenpyFree.exe (ZenpyLoader) File Analysis

Technical Analysis

File Name ZenpyFree.exe
File Type Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
SSDEEP Hash 393216:fONqv7nmC8d9S4McHJe9zDq+ZvZvZkSyPGkO:FvAd9SXcHJelqiiek
Scanner Version 1.0.211.174
Database Version 2025-03-19 02:00:30 UTC

Suspicious File Detected

Detected by 9 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
Detection Rate 13%
File Size (bytes) 27,949,056
Engines Detected 9/72
Analysis Date 2025-03-19

File Identification

Hash Type Value
MD5 dbd00540fb3f276144e46c9e4db0b513
SHA1 300d2e8fe73345fd6b861a216e5f5c9d25e74fde
SHA256 ebc638d34de158fa06fad1281c953db44c2d98fe3d51c5f58f8520ff12a09163
SHA512 35ec32b6c640da45a3c9b92ef227fa5e27d6ade22403d8951e8e450790e15bd326f8abb07c556c37b03197acfd520bfd6cfb7d9638b37d075d6f3ccdd403a3e9

Security Engines with Detections (9 of 72)

Engine Detection Verdict
Bkav W64.AIDetectMalware.CS Malicious
Skyhigh Artemis Malicious
McAfee Artemis!DBD00540FB3F Malicious
CrowdStrike win/malicious_confidence_70% (D) Malicious
Symantec Trojan.Gen.9 Malicious
APEX Malicious Malicious
Rising Malware.Obfus/[email protected] (RDM.MSIL2:XUn7BRw6/YPGxfphguncTg) Malicious
McAfeeD ti!EBC638D34DE1 Malicious
Cylance Unsafe Malicious
63 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 5823489396fefabafc0b0badd43ab1b4
Fuzzy: aedcb3f9bcebaf7277710a4bd67274ff
dHash: f0943a79b9b998d8
Image Base 0x00400000
Entry Point 0x00400000
Compilation Time 2024-01-14 20:44:54
Checksum 0x00000000 (Actual: 0x01aac5b9)
OS Version 4.0
PEiD Signatures PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 0
Exports 0 functions
Resources 4 Resources
Sections 2 Sections

Version Information

Translation 0x0000 0x04b0
Comments
CompanyName
FileDescription ZenpyLoader
FileVersion 1.0.0.0
InternalName ZenpyLoader.exe
LegalCopyright Copyright © 2023
LegalTrademarks
OriginalFilename ZenpyLoader.exe
ProductName ZenpyLoader
ProductVersion 1.0.0.0
Assembly Version 1.0.0.0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00002000 27,820,236 bytes 27,820,544 bytes 7.04 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ F8D18775667665ECAB305B679D43CD9F
.rsrc 0x01a8c000 127,520 bytes 128,000 bytes 7.95 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4C35151C6AFAA6299857E0E12D9CAA2E

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 4 (127,210 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 125,888 bytes 99%
RT_GROUP_ICON 1 20 bytes 0%
RT_VERSION 1 812 bytes 0.6%
RT_MANIFEST 1 490 bytes 0.4%

Certificate Chain Analysis

Certificate Information
Product ZenpyLoader
Description ZenpyLoader
File Version 1.0.0.0
Original Name ZenpyLoader.exe
Internal Name ZenpyLoader.exe
Copyright Copyright © 2023
Certificate Chain Summary
Microsoft Corporation #1 Primary
Validity Period: 2023-03-16 18:43:28 → 2024-03-14 18:43:28
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 03 4D 4E 91 A6 1A 28 B0 78 8F 00 00 00 00 03 4D
Microsoft Code Signing PCA 2011 #2 Chain
Validity Period: 2011-07-08 20:59:09 → 2026-07-08 21:09:09
Signature Algorithm: sha256RSA
Serial Number: 61 0E 90 D2 00 00 00 00 00 03
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2023-05-25 19:12:05 → 2024-02-01 19:12:05
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 CD 55 07 2A E7 CA C1 99 1D 00 01 00 00 01 CD
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15
Microsoft 3rd Party Application Component #5 Chain
Validity Period: 2023-07-13 23:45:36 → 2024-09-15 23:45:36
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 03 83 14 62 71 0B DF 9B A6 3D 00 00 00 00 03 83
Microsoft Time-Stamp Service #6 Chain
Validity Period: 2023-05-25 19:12:18 → 2024-02-01 19:12:18
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 D1 B2 5B 40 28 6C 2E D2 45 00 01 00 00 01 D1

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is the result of an online virus scanner

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection
9 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.
