home

nsissetup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from teabag.blob.core.windows.net.
MD5:
ae32d2f480912dd1426e095db3a071e4

SHA-1:
1b68abe489f558890595237f9cd154ac357d3e1d

SHA-256:
c957a43a2bfa517a3280ab20582e0ae14ea41123e108fb0d97c8f995ca6c020d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/24/2025 11:27:02 PM UTC  (a few moments ago)

File size:
522.5 KB (535,064 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\nsissetup.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:W5l+jlOiDIk2NVjbmwVDNHtvYGLaFkw3Kf6lz7NvB6su:W2Mif6bms1tfLaf3865ssu

Entry point:
17, CA, 90, 03, 03, 00, 00, 04, 04, 00, 00, FF, 00, FF, 00, B8, B8, 00, 00, 00, 00, 00, 00, 40, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, F0, 00, 00, 0E, 11, A5, B4, 0E, B4, BD, C4, EC, 99, B9, 4D, 81, EC, 75, 3C, 01, 1A, 53, 50, 02, 1D, 08, 15, 13, 0C, 4D, 43, 02, 0F, 00, 01, 1B, 54, 42, 07, 45, 52, 07, 1B, 4E, 49, 07, 4E, 64, 0B, 1C, 73, 4D, 02, 0B, 01, 4B, 23, 00, 07, 2E, 24, 00, 00, 00, 00, 00, 00, F6...
 
[+]

Entropy:
7.4679

The file nsissetup.exe has been seen being distributed by the following URL.

http://teabag.blob.core.windows.net/public-source/.../nsissetup.exe

Scan nsissetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.