home

dzp.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 113.171.224.216 and multiple other hosts.
MD5:
029b9f700354184aa584e97b8d9e46a0

SHA-1:
9f3459bf1f2703ffe38b0b4c78652f6ad36b3b6f

SHA-256:
08143fe00aedfd13ee3b2f62dfc3fdaf53db7ddf5bc2d55eebedc9efa6ad8066

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:56:48 PM UTC  (today)

File size:
2.9 MB (3,005,102 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\dzp.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:n3an175ifW13lGfEJQdN7bZDdNOvkONnc79IxBOLEh+1NEQ0BWly5PAJa:n3an175ifW13YEJQdN79OvkOPj2Eh+1y

Entry point:
6D, 20, E6, F5, 7D, 46, 00, 5E, 6E, 0F, 2E, E7, 33, 80, 77, 00, 00, 00, 00, 00, 7F, 00, 00, 00, 00, 00, 00, 00, 0C, 66, 6B, CE, BB, 20, B2, BA, 59, 07, 00, 40, 56, 18, E2, A0, CC, 05, CC, 82, 28, C5, D2, BF, AC, B2, 8A, BD, 08, 5E, ED, AF, CC, 1B, 29, A2, 50, AB, 78, 00, D7, D1, 6E, C7, 58, E8, DD, 87, BC, 30, 8C, 73, F6, 12, 91, F7, 0C, A2, 73, 7C, F0, 21, 07, F4, A4, 3D, 69, C4, 80, F0, A8, F2, E1, 94, 38, 6E, 6F, 13, F5, 95, 2C, 7D, 92, 8C, CD, 16, 2C, 9E, B5, A3, 5B, 06, 4A, DE, F5, 09, 4D, 95, 4F, 80...
 
[+]

Entropy:
7.9999  (probably packed)

The file dzp.exe has been seen being distributed by the following 2 URLs.

http://113.171.224.216/.../dzp.exe

http://www.reqxrnsx.com/Public/softs/lim4/9285/.../dzp.exe

Scan dzp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.