home

rznemqiy.exe

SmartFTP Client

Publisher:
The Enigma Protector  (signed by SmartFTP Client)

Product:
The Enigma Protector

Version:
4.0.0

MD5:
34d3c4dacd17f116f485bb071ba7c39b

SHA-1:
746f72efbb5df3fa274be6223fc80dbf7ec10bad

SHA-256:
aafa0d26b9e56b40e093420552489837dd6ef5747c8faa9485897e1d83b0027d

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/3/2024 2:21:39 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Injector.ESI trojan
6.3.12010.0

Microsoft Security Essentials
Trojan:MSIL/Toauta
1.235.1566.0

File size:
483.4 KB (494,984 bytes)

Product version:
4.0.0

Copyright:
(C) 2014 Vladimir Sukhov

Trademarks:
(R) 2014 Vladimir Sukhov

Original file name:
LastServerProtect.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\rznemqiy.exe

Digital Signature
Signed by:
SmartFTP Client

Authority:
SmartFTP Client

Valid from:
1/2/2014 1:56:32 PM

Valid to:
1/2/2114 1:56:32 PM

Subject:
CN=SmartFTP Client

Issuer:
CN=SmartFTP Client

Serial number:
6C7C1723381A15A44161851A894BF545

File PE Metadata
Compilation timestamp:
5/4/2016 12:19:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x605DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 68, 00, 00, 80, 10, 00, 00, 00, 80, 00, 00, 80, 18, 00, 00, 00, 98, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 05, 00, 02, 00, 00, 00, B0, 00, 00, 80, 03, 00, 00, 00, C8, 00, 00, 80, 04, 00, 00, 00, E0, 00, 00, 80, 05, 00, 00, 00, F8, 00...
 
[+]

Entropy:
7.7600

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
377.5 KB (386,560 bytes)

Scan rznemqiy.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.