nvtray.exe

Onur Karagoz

The executable nvtray.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
Onur Karagoz (signed and verified)

Version:
1.0.0.0

MD5:
91a0ab87db192db2e31542993395b7e3

SHA-1:
13ea06f4161b04f64eec8078fbe14eb0fd1c8360

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
12/25/2024 4:36:39 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/ATRAPS.Gen | 7.11.196.12
AVG | MSIL5 | 2016.0.2965
Comodo Security | UnclassifiedMalware | 20390
ESET NOD32 | MSIL/TrojanClicker.Agent.NIR (variant) | 9.10886
Fortinet FortiGate | MSIL/TrojanClicker_Agent.NIR!tr | 10/6/2015
IKARUS anti.virus | Trojan.MSIL.TrojanClicker | t3scan.1.8.5.0
K7 AntiVirus | Trojan | 13.188.14354
McAfee | RDN/Generic.grp!hs | 5600.6621
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
VIPRE Antivirus | Trojan.Win32.Clicker | 35780

File size:
138.8 KB (142,096 bytes)

Product version:
1.0.0.0

Original file name:
LSM.exe

File type:
Executable application (Win32 EXE)

Language:
Yansiz Dil

Common path:
C:\Documents and Settings\{user}\Application data\nvtray.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/13/2014 2:00:00 AM

Valid to:
11/14/2015 1:59:59 AM

Subject:
CN=Onur Karagoz, O=Onur Karagoz, STREET=UĞURMUMCU MAH. UĞURMUMCU CAD., STREET=184 ÇATIEVLER SİTESİ, STREET=BLOK:C D:210, L=Ankara, S=Yenimahalle, PostalCode=06370, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD82F99CAD17F58E443C98C1BD258CBA

File PE Metadata
Compilation timestamp:
12/10/2014 3:46:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:mrkZy4dXijXXo+E5l0BaLekv6/iVJl9L5lXxc4QKv6CksKQ1t:muMaiaLekv6qvhRQUM2

Entry address:
0x22AAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
131 KB (134,144 bytes)
