dijpn.exe

The executable dijpn.exe has been detected as malware by 40 anti-virus scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
MD5:
eca85beb81a61c7955da16182c4e1e45

SHA-1:
46d19d8f4f1061da3b75c430105febb86c20c09d

SHA-256:
0e80aa63d9069f8325ed4d66327270a8c063fe94485e5266c0bb2eb117fe2e05

Scanner detections:
40 / 68

Status:
Malware

Analysis date:
4/23/2024 8:11:57 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.KD.731993 | 1017 |
| Agnitum Outpost | TrojanSpy.Zbot | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Inject | 2014.03.07 |
| Avira AntiVirus | TR/Rogue.KD.731994 | 7.11.135.72 |
| avast! | Win32:MalOb-KU [Trj] | 2014.9-140424 |
| AVG | PSW.Generic10 | 2015.0.3495 |
| Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.14424 |
| Bitdefender | Trojan.Generic.KD.731993 | 1.0.20.570 |
| Bkav FE | W32.Clod0b2.Trojan | 1.3.0.4959 |
| Comodo Security | TrojWare.Win32.Injector.WRR | 17897 |
| Dr.Web | Trojan.PWS.Panda.2395 | 9.0.1.0114 |
| Emsisoft Anti-Malware | Trojan.Generic.KD.731993 | 8.14.04.24.01 |
| ESET NOD32 | Win32/Injector.WSR (variant) | 8.9511 |
| Fortinet FortiGate | W32/Zbot.ANH!tr.pws | 4/24/2014 |
| F-Prot | W32/Zbot.GH.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.KD.731993 | 11.2014-24-04_5 |
| G Data | Trojan.Generic.KD.731993 | 14.4.24 |
| IKARUS anti.virus | Trojan-Spy.Win32.Zbot | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11367 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3970 |
| Malwarebytes | Trojan.Agent | v2014.04.24.01 |
| McAfee | PWS-Zbot.gen.amk | 5600.7151 |
| Microsoft Security Essentials | VirTool:Win32/CeeInject.gen!HL | 1.10302 |
| MicroWorld eScan | Trojan.Generic.KD.731993 | 15.0.0.342 |
| NANO AntiVirus | Trojan.Win32.Zbot.bblyhy | 0.28.0.58101 |
| Norman | Cridex.Z | 11.20140424 |
| nProtect | Trojan/W32.Agent.332800.ED | 14.03.07.01 |
| Panda Antivirus | Trj/Genetic.gen | 14.04.24.01 |
| Qihoo 360 Security | Win32/Trojan.3eb | 1.0.0.1015 |
| Quick Heal | VirTool.CeeInject.A | 4.14.12.00 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.12.17.0 |
| Rising Antivirus | PE:Malware.XPACK!1.6B46 | 23.00.65.14422 |
| Sophos | Troj/DwnLdr-KFF | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Injector | 10647 |
| Total Defense | Win32/CInject.N!generic | 37.0.10803 |
| Trend Micro House Call | TROJ_SPNR.14J212 | 7.2.114 |
| Trend Micro | TROJ_SPNR.14J212 | 10.465.24 |
| Vba32 AntiVirus | BScope.Trojan.Belly.25915 | 3.12.24.3 |
| VIPRE Antivirus | Lookslike.Win32.Fakerean.p | 27160 |
| ViRobot | Trojan.Win32.A.Inject.335872.E | 2011.4.7.4223 |

File size:
325 KB (332,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vmwarednd\e70977ba\dijpn.exe

File PE Metadata
Compilation timestamp:
9/19/2012 1:04:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
6144:59LMYYoC3oI3XKASU/jIddf1LgRfqLbjm8JlXkK6dCEwUCitW1RUWFM:5SiRAZ/jcdu9qL/m8JlXiHw8

Entry address:
0x1240

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 14, 22, 45, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 2C, 22, 45, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 20, 22, 45, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, 47, 20, 00, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 38, 83, 3D, 1C, 11, 45, 00, 00, 74, 69, C7, 44, 24, 2C, 00, 00, 00, 00, C7, 44, 24, 28, 00, 00, 00, 00, C7, 44, 24, 24, 00, 00, 00, 00, C7, 44, 24, 20, 00, 00, 00, 00, C7...

Entropy:
7.9049

Packer / compiler:
MingWin32

Code size:
10.5 KB (10,752 bytes)
