home

nszcb2c.exe

MyDailyVideo

BERSHNET LLC

The application nszcb2c.exe by BERSHNET has been detected as adware by 13 anti-malware scanners. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. It is also typically executed from the user's temporary directory.
Publisher:
My Daily Soft.  (signed by BERSHNET LLC)

Product:
MyDailyVideo

Description:
My Daily Video

Version:
1.0.0.596

MD5:
c04b27a44cd19b9f5e842c078b32be09

SHA-1:
94c336e3d66a1bc7490188b44241f83969001ccb

SHA-256:
18f2890687dd3b0ab38c2560e77e52a4ab3fbd1a6d0a4fc6a0deb97020b60bf8

Scanner detections:
13 / 68

Status:
Adware

Analysis date:
11/23/2024 11:00:07 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Amonetize-JN [PUP]
150414-0

Baidu Antivirus
PUA.Win32.Dlhelper
4.0.3.15519

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
UnclassifiedMalware
22025

Dr.Web
Trojan.Amonetize.2368
9.0.1.05190

ESET NOD32
Detection.Undefined
7.0.302.0

IKARUS anti.virus
Trojan.Agent
t3scan.1.8.9.0

Malwarebytes
PUP.Optional.Amonetize.A
v2015.05.19.02

McAfee
Artemis!C04B27A44CD1
5600.6761

Quick Heal
PUA.Bershnetll.Gen
5.15.14.00

Reason Heuristics
PUP.Installer.BERSHNET
15.5.19.1

Trend Micro House Call
Suspicious_GEN.F47V0415
7.2.139

VIPRE Antivirus
Threat.4785227
39486

File size:
351.5 KB (359,952 bytes)

Product version:
1.0.0.596

Copyright:
Copyright © My Daily Soft. 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\nszcb2c.exe

Digital Signature
Signed by:
BERSHNET LLC

Authority:
COMODO CA Limited

Valid from:
2/6/2015 12:00:00 AM

Valid to:
2/6/2016 11:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EC2CA0DA3303138873D39569A5F3AF0E

File PE Metadata
Compilation timestamp:
4/7/2015 11:17:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:owHRuu3G9ms7dyWR9IQ4R5Zlos6Q+ZsOP7ri8SQJ9zI9zpcSZlC/aQxvd5ooAmhr:dHRuuG9dMMCnZIcY7rgppXjCSEvj9t

Entry address:
0x583FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9057

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
345.5 KB (353,792 bytes)

Remove nszcb2c.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.