» ninitelauncher.exe
Overview
Analysis
File Details
Behaviors (1)

ninitelauncher.exe

Project1

noOrg

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘NINITE LAUNCHER’.

File name:

ninitelauncher.exe

Publisher:

noOrg

Product:

Project1

Version:

1.00

MD5:

25c26e9e9dc7054ebff128da29b8b7bb

SHA-1:

66696508efc3227ec395057f68bb2542ce61a6c0

SHA-256:

7def58ff22f7d9755f8a10aacb027ea5a7de17593325eda19a80947fb4d641f2

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/1/2025 8:38:04 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Win32.HLLP.Neshta

9.0.1.05190

File size:

2.4 MB (2,567,680 bytes)

Product version:

1.00

Original file name:

Download.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\ninitelauncher.exe

File PE Metadata

Compilation timestamp:

10/24/2013 4:36:04 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x10E0

Entry point:

8B, 47, 04, A3, 04, A6, 40, 00, B0, 01, 83, C4, 10, 5F, 5E, 5B, C3, 8D, 40, 00, 53, 83, C4, F8, 8B, D8, 8B, D4, 8D, 43, 04, E8, 44, F8, FF, FF, 83, 3C, 24, 00, 74, 0B, 8B, C4, E8, 57, FF, FF, FF, 84, C0, 75, 04, 33, C0, EB, 02, B0, 01, 59, 5A, 5B, C3, 90, 53, 56, 83, C4, F8, 8B, F2, 8B, D8, 8B, CC, 8D, 56, 04, 8B, C3, E8, A3, F8, FF, FF, 83, 3C, 24, 00, 74, 0B, 8B, C4, E8, 26, FF, FF, FF, 84, C0, 75, 04, 33, C0, EB, 02, B0, 01, 59, 5A, 5E, 5B, C3, 8D, 40, 00, 33, D2, 85, C0, 79, 03, 83, C0, 03, C1, F8, 02... 
[+]

Entropy:

7.8616 (probably packed)

Code size:

2.2 MB (2,269,184 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

NINITE LAUNCHER

Command:

C:\users\{user}\appdata\roaming\ninitelauncher.exe

Scan ninitelauncher.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.