node.exe

Node.js

Joyent Inc

The executable node.exe, “Evented I/O for V8 JavaScript” has been detected as malware by 3 anti-virus scanners.
Publisher:
Joyent, Inc  (signed by Joyent Inc)

Product:
Node.js

Description:
Evented I/O for V8 JavaScript

Version:
0.10.29

MD5:
5fece0289e48086740b5753c9b2b62ef

SHA-1:
6400a032096bff63c863c997fd91cf4eb7259ddf

SHA-256:
0fc09ff4755d59a02edf2982c15117d04a1223a09c25d10342ab1b44b4e59442

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/27/2024 5:06:29 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.16.24

File size:
5.6 MB (5,868,711 bytes)

Product version:
0.10.29

Copyright:
Copyright Joyent, Inc. and other Node contributors. MIT license.

Original file name:
node.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\popcorn time\chromecast\node.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/4/2011 6:55:33 AM

Valid to:
10/31/2014 2:35:25 AM

Subject:
CN=Joyent Inc, O=Joyent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D00C5638BF8CEED2348CEA517065BFB2

File PE Metadata
Compilation timestamp:
6/9/2014 11:22:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

Entry address:
0x30FF9A

Entry point:
E9, A5, A1, F7, FF, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, 8D, 45, F8, 50, FF, 15, D4, D1, 73, 00, 8B, 45, F8, 8B, 4D, FC, 6A, 00, 05, 00, 80, C1, 2A, 68, 80, 96, 98, 00, 81, D1, 21, 4E, 62, FE, 51, 50, E8, FC, CD, 00, 00, 83, FA, 07, 7C, 0E, 7F, 07, 3D, FF, 6F, 40, 93, 76, 05, 83, C8, FF, 8B, D0, 8B, 4D, 08, 85, C9, 74, 05, 89, 01, 89, 51, 04, C9, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 51, 8B, 55, 08, 57, 8B, F8, 3B, FA, 76, 6C, 8B, 4D, 0C, 8D, 04, 0A, 53, 89, 45, FC...
 
[+]

Entropy:
6.9022

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.2 MB (3,389,440 bytes)

Windows Firewall Allowed Program
Name:
node.exe


Remove node.exe - Powered by Reason Core Security