home

wzpqyn.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from d26yaxxlnmhaem.cloudfront.net.
MD5:
9b3f85cc4dee409ce00ef86e894eb458

SHA-1:
88e43ed6de20de3506ec8d920496dd1f19c97fa7

SHA-256:
077e2a230e8f3f437c50829928aa346491b49d73dc9e7a6ec7144631d5a55fc2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:24:43 PM UTC  (today)

File size:
2.9 MB (3,030,816 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wzpqyn.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:Wso88PckpSsGs6dMoG/QvjYnn5hCVZ7a5R7lvnnEYLqYIeI+TfBdnDHvm31:zGlWs6dMRWI5hCVBa5rvnEY2YI+dFHeF

Entry point:
6D, 20, E6, F5, 7D, 46, 00, 5E, AB, 4F, B5, 7E, 81, 64, 74, 00, 00, 00, 00, 00, 7F, 00, 00, 00, 00, 00, 00, 00, 82, 99, 1E, 6A, BB, F5, 4D, BA, 59, 07, 00, 40, 56, 18, E2, A0, CC, B5, 24, 82, 28, E7, 1B, 75, D9, B1, 92, C2, D6, F3, 88, C2, 81, BC, 1C, DC, 03, 56, 16, 02, 90, 19, DD, 51, D8, 14, EA, BA, 35, 62, 54, 2A, 73, FB, F8, 2F, 5F, D8, F3, E5, C7, 57, 71, FF, 10, 6C, 05, 37, A7, E4, 15, DB, 06, 23, 79, 7C, 66, CF, B8, B8, 7C, 84, 3F, 5A, 17, 2A, 5A, 2C, F1, D9, 57, 5E, ED, F7, D1, 07, 75, 83, 2D, C3...
 
[+]

The file wzpqyn.exe has been seen being distributed by the following URL.

http://d26yaxxlnmhaem.cloudfront.net/Public/softs/wzp/2.2.59/.../wzpqyn.exe

Scan wzpqyn.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.