home

nito_installer.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from qc2.androidfilehost.com and multiple other hosts.
MD5:
41aeb4ea8a950ea84171ee8a59098ccc

SHA-1:
b2e14df1db9bd61f268a78e59be4c26f29f9b4b2

SHA-256:
d8702725ecc0e7e86d9ba78f8c71f192b06649bb68b425aca135f9f3a8d8f6e8

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 12:46:09 PM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Trojan.Inject.Win32.169063
2.0.0.2548

File size:
3.6 MB (3,776,527 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\nito_installer.exe

File PE Metadata
Compilation timestamp:
1/24/2015 2:14:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
98304:TU1Vsn5DwiD5BoF4H+s/gFdRA5a6Z07YE+x:oE5DwiD5eWHnaRA5aF6

Entry address:
0x1000

Entry point:
68, 18, 02, 00, 00, 68, 00, 00, 00, 00, 68, 10, AE, 46, 00, E8, 10, 91, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 0F, 91, 00, 00, A3, 14, AE, 46, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, FC, 90, 00, 00, A3, 10, AE, 46, 00, B8, 40, A7, 43, 00, A3, 28, AE, 46, 00, E8, 42, 86, 02, 00, E8, 70, 68, 02, 00, E8, B7, 64, 02, 00, E8, 0E, 63, 02, 00, E8, DB, 61, 02, 00, E8, C2, 58, 02, 00, E8, BB, 4A, 02, 00, E8, F6, 46, 02, 00, E8, D3, 2F, 02, 00, E8, D7, E9, 01, 00, E8, 39, B7, 01, 00...
 
[+]

Entropy:
7.9352

Packer / compiler:
PKLITE32, 0x1.1

Code size:
194.5 KB (199,168 bytes)

The file nito_installer.exe has been seen being distributed by the following 20 URLs.

http://qc2.androidfilehost.com/dl/ebn9nAck8j2xIj1SsdKEvQ/1475252242/.../nito_Installer.exe

http://qc2.androidfilehost.com/dl/crsOhUdee8z-PmODZZ2zHw/1470826483/.../nito_Installer.exe

http://www100.zippyshare.com/d/HytsEQPe/.../nito_installer.exe

https://qc3.androidfilehost.com/dl/ZWqcJRQWQrEAH_-cuwAqjQ/1455047724/.../nito_Installer.exe

http://qc2.androidfilehost.com/dl/Vm1mMolPEt9iZLB3zkV8Eg/1480187351/.../nito_Installer.exe

http://qc2.androidfilehost.com/dl/K7cBfrlnMKJ5a4fP_TwHVw/1481422268/.../nito_Installer.exe

http://tx2.androidfilehost.com/dl/TNawvkOMqL3C_ma_9xeRjw/1461256008/.../nito_Installer.exe

http://qc3.androidfilehost.com/dl/aYfIBhJDU3nrJPCwaCAnjA/1449610324/.../nito_Installer.exe

https://qc3.androidfilehost.com/dl/iB-aMAP8Sl66HZSVsexeZg/1454395136/.../nito_Installer.exe

http://tx2.androidfilehost.com/dl/CQazwx33BjJZi6NXDjePTA/1452699206/.../nito_Installer.exe

https://fl1.androidfilehost.com/dl/t6gwQQpleiovkWbb-RwB6w/1449268023/.../nito_Installer.exe

http://tx2.androidfilehost.com/dl/BJnn7bqzetwLgxvoujz_vQ/1461968462/.../nito_Installer.exe

https://ny1.androidfilehost.com/dl/rClVAVrR1kDCuvnHRjZ6_Q/1461490139/.../nito_Installer.exe

https://fl1.androidfilehost.com/dl/Z0Cd9boumgAoLuPGdDP0Yg/1452668066/.../nito_Installer.exe

https://fl1.androidfilehost.com/dl/aFIf43AVPWZ_6_Mdj9Mf8A/1449091994/.../nito_Installer.exe

https://fl1.androidfilehost.com/dl/ug7t4bk5ea9kHWND9sM9QA/1458767517/.../nito_Installer.exe

https://qc3.androidfilehost.com/dl/5tWPs9dZ_hEJtnBc45_1-A/1457708656/.../nito_Installer.exe

http://tx2.androidfilehost.com/dl/zpdMbhgIs7tQK0-K1r3wGA/1452474641/.../nito_Installer.exe

http://ca1.androidfilehost.com/dl/56yTOFrwiRKuhqY-91bNhQ/1451844231/.../nito_Installer.exe

https://fl1.androidfilehost.com/dl/RCQiU_itdoSUhnj05MciCw/1451230727/.../nito_Installer.exe

Scan nito_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.