home

nr_proto_3295747681507101.tmp

BIFIT

Publisher:
BIFIT  (signed and verified)

MD5:
975152e2f72eded814ac8a72d7fbff55

SHA-1:
911852443e74703d286feab86efc6fdf24a9fcd8

SHA-256:
6782fab35ea5a6815bfd7d4b6bd4274ce2206444f07b28e3c8c0ff8915ff8648

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 1:39:53 AM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Win32.Ramnit
5.13.68

File size:
286 KB (292,864 bytes)

Common path:
C:\users\{user}\appdata\local\temp\nr_proto_3295747681507101.tmp

Digital Signature
Signed by:
BIFIT

Authority:
VeriSign, Inc.

Valid from:
6/1/2012 4:00:00 AM

Valid to:
6/23/2015 3:59:59 AM

Subject:
CN=BIFIT, OU=Development Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BIFIT, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
48CA98B4326E8BAF7A830E1BBB2CDF10

File PE Metadata
Compilation timestamp:
10/13/2014 6:31:26 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:pcJX6MCMk2SHCikmEPAmZD9QIqrbEn71WAavw5ZkCuO37P/gfNL7WUhC:Wik1omZ5nxao4NO3D/glU

Entry address:
0x7A7D4

Entry point:
9C, 88, 24, 24, 60, C7, 44, 24, 20, FD, FB, ED, F5, E9, 48, CB, 00, 00, E9, 8D, 68, 00, 00, 66, F7, D0, 68, 15, 64, C2, 9E, 66, 0F, C8, C6, 47, FF, 00, 8D, 83, 1B, EB, 76, 49, 0F, C8, 0F, 92, C4, 89, 1C, 24, 98, 0F, C8, E9, 93, D2, 00, 00, 04, DD, 21, 55, 94, DD, 1F, 28, DC, 87, F5, A0, 80, 1A, E1, B4, F7, 61, 29, 88, 4B, 0A, 51, A9, 6B, FC, BD, 8B, 4C, 03, C3, A9, F1, 76, 33, 1D, 61, B8, FC, 5B, 9A, A2, CF, 8D, 96, 54, 7E, BA, C0, 37, 29, EC, BA, FB, 04, 49, 57, 73, 6D, 1B, 88, CC, D4, E3, 63, 73, 32, E4...
 
[+]

Code size:
54 KB (55,296 bytes)

Scan nr_proto_3295747681507101.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.