nbot1.2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www35.zippyshare.com and multiple other hosts.
Version:
0, 0, 0, 0

MD5:
f829222c5c1d6857798fc6a53d2428e6

SHA-1:
689e1a144ea5c5ff38e6facd65e9c4475adc5602

SHA-256:
0312bd1c64a158279258f86990af0f6ee61cf9c0a78fb135335d606a7ad46622

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 7:49:44 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Zusy
7.1.1

File size:
888.2 KB (909,499 bytes)

Product version:
0, 0, 0, 0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\nbot1.2.exe

File PE Metadata
Compilation timestamp:
6/16/2010 6:09:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:HDGpINoV/Ez72ce7HFJxTiMDwOzhZzmf0+:jieoVnHDxTQOzhZz80+

Entry address:
0x51311

Entry point:
E8, D9, 7F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 98, 86, 47, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 9C, 86, 47, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, E5, 0E, 00, 00, 85, C0, 75, 06, B8, 00, 88, 47, 00, C3, 83, C0, 08, C3, E8, D2, 0E, 00, 00, 85, C0, 75, 06, B8, 04, 88, 47, 00, C3, 83, C0, 0C, C3, 8B, FF, 55, 8B, EC, 56, E8, E2, FF, FF, FF, 8B, 4D, 08...
 
[+]

Code size:
372.5 KB (381,440 bytes)

The file nbot1.2.exe has been seen being distributed by the following 3 URLs.

Scan nbot1.2.exe - Powered by Reason Core Security