home

nxsc.exe

NetZone Info-Tech Co., Ltd., Shanghai

The application nxsc.exe by NetZone Info-Tech Co.,, Shanghai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NetZone Info-Tech Co., Ltd., Shanghai  (signed and verified)

MD5:
d1758f8d65ed0005bccd38a9e724d7da

SHA-1:
0671a39ce226d51f9548cd7c88dc15dc5a8f5c54

SHA-256:
8978290cfa3c5aa5974d7172359bc1d27bc9e61667922371f4c1aca07f35eafe

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 6:33:09 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.NetZoneI
17.3.6.6

File size:
3.1 MB (3,296,256 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\nxscli\nxsc.exe

Digital Signature
Signed by:
NetZone Info-Tech Co., Ltd., Shanghai

Authority:
VeriSign, Inc.

Valid from:
10/19/2015 8:00:00 AM

Valid to:
11/18/2016 7:59:59 AM

Subject:
CN="NetZone Info-Tech Co., Ltd., Shanghai", OU=研发部, O="NetZone Info-Tech Co., Ltd., Shanghai", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
53E901A1F94C2C43445BF53135DE579A

File PE Metadata
OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
3.0

Entry address:
0x16C20

Entry point:
48, 8D, 64, 24, D8, C6, 05, F4, 4B, 1B, 00, 00, 48, 8D, 05, DD, 43, 2A, 00, 48, 8D, 05, C6, 43, 2A, 00, 48, 8D, 05, 8F, 57, 1B, 00, E8, 8A, F6, FF, FF, 90, 48, 8D, 64, 24, 28, C3, 00, 00, 00, 53, 48, 8D, 64, 24, E0, 48, B9, 00, 00, 00, 00, 00, 00, 00, 00, E8, 5B, A4, FE, FF, 48, 89, C3, 48, B9, 00, 00, 00, 00, 00, 00, 00, 00, E8, 49, A4, FE, FF, 48, 63, 40, 3C, 48, 8D, 04, 03, 48, 8B, 40, 60, 90, 48, 8D, 64, 24, 20, 5B, C3, 00, 00, 00, 00, 00, 53, 48, 8D, 64, 24, E0, B8, 00, 00, 00, 00, 48, B9, 00, 00, 00...
 
[+]

Entropy:
5.8640

Code size:
1.8 MB (1,874,528 bytes)

Windows Firewall Allowed Program
Name:
nxsc


Remove nxsc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.