home

wzpqyn.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from d26yaxxlnmhaem.cloudfront.net.
MD5:
4abce4604f03a129fb76a5adf2697713

SHA-1:
019d4ae01e53eade621c598307c86aa5d12de35b

SHA-256:
1f31c2b30702406c907cf1910dbf3cedfc5955d69a1efec982269848713d3254

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:13:37 PM UTC  (today)

File size:
2.9 MB (3,022,504 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wzpqyn.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:0e0+F3AEZUQf+oSu6OSezpyIRvTfjh/kKOLaxdz4zK5DVrONDBDAzaIJCtOoz55T:VdQNoSnOByINfjh/khGxF5DUEzaIEsoD

Entry point:
6D, 20, E6, F5, 7D, 46, 00, 5E, B3, AC, 80, 09, 39, 44, 74, 00, 00, 00, 00, 00, 7F, 00, 00, 00, 00, 00, 00, 00, A7, 9D, 93, 02, BB, F5, 4D, BA, 59, 07, 00, 40, 56, 18, E2, A0, CC, B5, 24, 82, 28, 8B, 6B, 07, 14, 36, A2, 04, 6F, 0E, 8A, 6B, D3, 02, 82, 7A, D8, 7A, 36, 20, A9, 3A, 1E, E0, BC, F0, C3, 9D, 27, 90, D9, 7F, 4D, AD, 06, C5, D7, 56, 06, 47, 58, 60, 35, 9F, F9, 30, 33, 94, 7B, 4C, 44, E5, 88, 92, 22, 16, 50, 60, 23, 7F, 48, 38, 9D, E4, FF, D7, 7D, 04, D3, 34, 53, 1B, 4C, 22, 58, 0F, 80, 14, 44, 44...
 
[+]

Entropy:
7.9999  (probably packed)

The file wzpqyn.exe has been seen being distributed by the following URL.

http://d26yaxxlnmhaem.cloudfront.net/Public/softs/wzp/2.2.46/.../wzpqyn.exe

Scan wzpqyn.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.