home

netstream.exe

BugReport

The executable netstream.exe has been detected as malware by 2 anti-virus scanners.
Product:
BugReport

Version:
1, 5, 0, 1022

MD5:
9bd69c6e81430edb3ad57d0b39817d7e

SHA-1:
23eb55d215ddf516f4e4ac121707ac05b9ccda44

SHA-256:
950c51fd4d7c0a1f35e8a5230433978a627ad63e0fd537a4b2af678d6661960a

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/1/2025 8:28:22 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Kryptik.CPZK trojan
6.3.12010.0

Microsoft Security Essentials
TrojanProxy:Win32/Bunitu.Q!bit
1.237.1169.0

File size:
627 KB (642,048 bytes)

Product version:
1, 5, 0, 1022

Original file name:
BugReport.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\netstream.exe

File PE Metadata
Compilation timestamp:
3/6/2017 8:39:01 AM

OS version:
3.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x5E720

Entry point:
55, 8B, EC, 83, EC, 0C, A1, E8, 40, 49, 00, 03, 05, DC, 40, 49, 00, A3, F8, 40, 49, 00, 68, 5C, 40, 49, 00, FF, 15, 24, 00, 46, 00, 8B, 0D, B4, 40, 49, 00, 51, FF, 15, 94, 03, 46, 00, 8B, 15, B4, 40, 49, 00, 52, FF, 15, B4, 02, 46, 00, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, BC, 40, 49, 00, 89, 2D, 9C, 40, 49, 00, C7, 45, FC, 00, 00, 00, 00, E8, 76, 03, 00, 00, 68, 0A, 02, 00, 00, 6A, 7B, E8, 8A, 01, 00, 00, 83, C4, 08, C7, 45, F4, 02, 00, 00, 00, 83, 7D, F4, 00, 74, 50, 83, 7D, FC, 12, 76, 07, 33, C0, E9, 5A...
 
[+]

Entropy:
4.4402

Developed / compiled with:
Microsoft Visual C++

Code size:
376.5 KB (385,536 bytes)

Remove netstream.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.