home

wzp.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from d26yaxxlnmhaem.cloudfront.net and multiple other hosts.
MD5:
afa78d9f24e156a0ce08a9957b577997

SHA-1:
a4dbcdbb00357523f4ffba5de7381ef3eaa91858

SHA-256:
f6f190cd8f38740763a7ef3ae09eafd39f54bd0559f4054e4ce4432fa5709559

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:30:02 PM UTC  (today)

File size:
2.9 MB (3,035,835 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wzp.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:wFNNBZzZUQvwedoUvsJ8TG7a93u5dGJcCtwEHCEpU8fvurPL1kZhPVPV1RGg1OAp:wFNBSYwsoUv68T/daGJcCtwaFU8eLCPj

Entry point:
6D, 20, E6, F5, 7D, 46, 00, 5E, 48, B8, 98, BD, 2C, 08, 74, 00, 00, 00, 00, 00, 7F, 00, 00, 00, 00, 00, 00, 00, 8B, 87, 05, 0A, BB, F5, 4C, BA, 59, 07, 00, 40, 56, 18, E2, A0, CC, B5, 24, 82, 28, A1, 7A, 8B, EC, 15, 5A, 0D, A1, 1C, FE, A0, C5, 2D, 7E, 45, FC, ED, D4, 53, 78, 94, 15, 80, 68, 72, EF, 74, E4, 05, 74, 9E, 89, 9B, 28, 47, 79, E0, 85, 4F, 10, 85, 2F, FD, 1A, 2F, 2B, 4A, 67, B2, F5, 48, F7, 7A, FF, 7E, 7C, 0E, 3A, 11, 87, 25, 76, A1, 73, EA, 73, 31, 70, 97, 48, 8C, 60, 27, A4, 25, 79, 20, 25, 73...
 
[+]

Entropy:
7.9999  (probably packed)

The file wzp.exe has been seen being distributed by the following 6 URLs.

http://d26yaxxlnmhaem.cloudfront.net/Public/softs/wzp/2.2.47/.../wzp.exe

http://113.171.224.168/.../wzp.exe

http://d26yaxxlnmhaem.cloudfront.net/Public/softs/wzp/2.2.62/.../wzp.exe

http://113.171.224.209/.../wzp.exe

http://113.171.224.243/.../wzp.exe

http://d26yaxxlnmhaem.cloudfront.net/Public/softs/wzp/2.2.60/.../wzp.exe

Scan wzp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.