BackupPCFiles.exe

Nicetex Ltd

The application BackupPCFiles.exe by Nicetex has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Bright Access  (signed by Nicetex Ltd)

Version:
1.0.0.676

MD5:
42821cdcf64b2f6c879f91bff56938c9

SHA-1:
96231e8363475e68092a9829fd116da6c2362e4b

SHA-256:
1acbae7b8a4c9c388a120656c4fb126e34d1fca699be6ba4b71a6acdff8639ed

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 4:22:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic.Nicetex.Meta
15.7.22.0

File size:
2.7 MB (2,830,968 bytes)

Product version:
1.0.0.676

Copyright:
Copyright © Bright Access 2010

Original file name:
BackupPCFiles.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\backuppcfiles\backuppcfiles.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/30/2013 2:00:00 AM

Valid to:
10/1/2015 1:59:59 AM

Subject:
CN=Nicetex Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Nicetex Ltd, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2DD8F3D5B9C9F70F512CB8B8D6A2D2D0

File PE Metadata
Compilation timestamp:
6/25/2013 10:41:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:wKkcH/XFSnJYEeGAkLvevwJyquyZaIWDBoALuuFsBjuhl16:v/oVefs2Y0YZMBMBE16

Entry address:
0x2AFDCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 58, 00, 00, 80, 10, 00, 00, 00, 70, 00, 00, 80, 18, 00, 00, 00, 88, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 03, 00, 02, 00, 00, 00, A0, 00, 00, 80, 03, 00, 00, 00, B8, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.7 MB (2,809,344 bytes)

Remove BackupPCFiles.exe - Powered by Reason Core Security