nosemay.exe

Nosemay

Shanghai Yuntong Technology Co., Ltd.

The executable nosemay.exe has been detected as malware by 3 anti-virus scanners.
Publisher:
Shanghai Yuntong Technology Co., Ltd.  (signed and verified)

Product:
Nosemay

Version:
1.0.0.1

MD5:
96b6eee0def9957a702b23c853e18078

SHA-1:
e7055f963fec2745c933f70ee4cd7bb7b1530937

SHA-256:
ff2dca5258e46e39359a4ee7ddd5c5c3909053e62f8308215eb3fd6fe4ae2a35

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/15/2024 10:55:31 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Crypt-SKC [Trj]
160518-2

F-Prot
W32/Neshta.A!Generic
4.6.5.141

McAfee
Virus.W32/HLLP.41472
18.0.204.0

File size:
431.4 KB (441,736 bytes)

Product version:
50.27.2661.78

Copyright:
Copyright (C) 2016 Nosemay Authors

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\3582-490\nosemay.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
5/6/2016 12:00:00 AM

Valid to:
2/24/2017 11:59:59 PM

Subject:
CN="Shanghai Yuntong Technology Co., Ltd.", O="Shanghai Yuntong Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1A3EAC6C38C71B1E4CE1FA41CFA093E5

File PE Metadata
Compilation timestamp:
5/30/2016 5:36:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
6144:/W297tCXid6Ai6iqjQrMEYK/oM0DIXPUcY86NaEbUIWJHhUBHN:DMX+s6i4Qrh9/oMU8fYLZInHhUBHN

Entry address:
0x28EAE

Entry point:
81, 8C, 61, 00, 00, 9C, E9, 97, 99, 98, C6, 50, 31, FA, 22, 00, B2, 38, 9D, 0D, EF, 6A, 00, 00, 00, 00, 3F, 38, 66, 2B, 32, E2, 83, 3A, 68, 87, AA, 39, 02, 98, 0C, 00, 00, 00, 00, EA, 7D, 51, 65, 42, 02, 43, 35, 26, 3F, 3E, EF, 4F, B2, 9D, C8, D5, A7, 22, 00, 46, AC, 39, 99, 12, C5, B2, 2C, 95, 99, 98, C6, 8A, E4, 2C, 92, 03, 9A, 00, 00, 00, 00, 95, FA, 25, 0D, 96, 53, 00, 00, 00, 00, E4, 22, 43, 35, 5E, 0D, 4D, 6A, 34, 6F, 22, E0, 41, ED, 8F, 98, C9, A8, 2C, 00, 54, FC, 25, E0, 0C, 96, 98, 4C, 89, AE, 2C...
 
[+]

Code size:
285.5 KB (292,352 bytes)

Remove nosemay.exe - Powered by Reason Core Security