home

nsb406e.tmp

CHAODONG XIAO

The file nsb406e.tmp has been detected as malware by 1 anti-virus scanner.
Publisher:
CHAODONG XIAO  (signed and verified)

MD5:
dad1b50fa1c5f2975e44256d08257d07

SHA-1:
b8ce394f1f099d792d688b64d4a2983579320392

SHA-256:
6c4a1a8e64dedb15fe0b5bdfe531ab70efb176e75f4d26e790eb36c36f7f8477

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/12/2025 10:27:00 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.9.12.6

File size:
741.8 KB (759,568 bytes)

Common path:
C:\users\{user}\appdata\local\temp\nsb406e.tmp

Digital Signature
Signed by:
CHAODONG XIAO

Authority:
thawte, Inc.

Valid from:
12/23/2015 2:00:00 AM

Valid to:
10/21/2016 2:59:59 AM

Subject:
CN=CHAODONG XIAO, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
40C4CD4BA113D81E41F98C740465B5C4

File PE Metadata
Compilation timestamp:
12/23/2015 9:40:32 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:SSQ7qIVEXIlyQf8qkgIut3Vf3V95fSxPwA5QeqOmt5xBov2WcQ2Oxv/4GTj+85C:CkOJkylff5fSxn5QeqOkbBUyOp3Tj+8g

Entry address:
0x2CEB6

Entry point:
01, 00, 00, 8B, 85, 5C, FE, FF, FF, 83, A5, 74, FE, FF, FF, 00, 89, 46, 04, 8B, 87, F4, 01, 00, 00, 8B, 8F, F0, 01, 00, 00, 89, 85, 64, FE, FF, FF, 8D, 87, D0, 01, 00, 00, 8B, 56, 04, 3B, 10, 74, 36, 8B, 10, FF, 85, 74, FE, FF, FF, 89, 08, 8B, 8D, 64, FE, FF, FF, 89, 95, 40, FE, FF, FF, 8B, 50, 04, 89, 48, 04, 8B, 8D, 40, FE, FF, FF, 83, C0, 08, 83, BD, 74, FE, FF, FF, 05, 89, 95, 64, FE, FF, FF, 7C, C5, EB, 2D, 8B, 85, 74, FE, FF, FF, 85, C0, 74, 23, 8D, 84, C7, D0, 01, 00, 00, 8B, 10, 89, 97, D0, 01, 00...
 
[+]

Code size:
541 KB (553,984 bytes)

Remove nsb406e.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.