home

tnodup-portable.exe

TNod User & Password Finder

Tukero[X]Team

The application tnodup-portable.exe has been detected as a potentially unwanted program by 3 anti-malware scanners. This file is typically installed with the program TNod User & Password Finder by Tukero[X]Team which is a potentially unwanted software program. While running, it connects to the Internet address um05.eset.com on port 80 using the HTTP protocol.
Publisher:
Tukero[X]Team

Product:
TNod User & Password Finder

Version:
1, 6, 0, 0

MD5:
f8daaaa06758d3f746aa1958952a3268

SHA-1:
a92915cdc09ecafb1857c25e79a965a1aa34473d

SHA-256:
4e52127cffa6f43a6b7a1f4c3317afa80325239b9731ffc4cf69703877816692

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 5:41:15 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
PUA.Win32.Generik
4.0.3.151021

ESET NOD32
Win32/RiskWare.HackAV.DM
9.12442

Malwarebytes
Trojan.Agent.CK
v2015.10.21.04

File size:
2 MB (2,112,512 bytes)

Product version:
1, 6, 0, 0

Copyright:
Copyleft 2007-2015

File type:
Executable application (Win32 EXE)

Language:
Spanish (Ecuador)

File PE Metadata
Compilation timestamp:
10/16/2015 8:42:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:ATrYO6Ug3gLVKVQXiPUIPjjUiVILA/MmcOU7m6V++j:AT96E5E3YhgMVOU7A+j

Entry address:
0x1000

Entry point:
68, 01, 50, 98, 00, E8, 01, 00, 00, 00, C3, C3, EA, F2, F8, 78, 1D, D1, C6, 36, 1D, A7, BE, D7, 9F, A6, 9D, CF, F1, 13, BE, 73, 39, AD, 3B, DD, 76, D4, 5F, 4E, B0, 7D, FB, F5, F0, 88, D1, C9, 2C, 0B, 8B, 13, 13, 39, AC, AF, F0, C0, 1C, F7, D2, 41, 1E, 8D, E6, 2F, 44, 13, 16, 42, EA, 6F, 41, 66, 06, 69, FE, 42, B8, B6, D5, 7B, 6B, AE, 4D, 37, EF, 4F, 27, 45, E6, FE, 31, B8, 4A, 1E, 5A, 50, 50, CB, 17, 7B, E3, 99, 92, B4, B6, 51, B1, 39, 54, 13, 76, 6B, DD, 2C, 0F, 31, 53, C5, 8B, C2, CF, E0, AF, 99, 72, B5...
 
[+]

Entropy:
7.9151

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
3.9 MB (4,115,968 bytes)

The file tnodup-portable.exe has been discovered within the following programs.

TNod User & Password Finder  by Tukero[X]Team
Publisher's description - “TNod User & Password Finder is software that is used to search the internet for activation keys for any version of NOD32 programs. In particular, it provides the username and password for ESET NOD32 Smart Security and ESET NOD32 Antivirus.”
tukero.blogspot.com
67% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to um05.eset.com  (91.228.167.132:80)

TCP (HTTP):
Connects to 91-228-165-81.ptr.eset.com  (91.228.165.81:80)

TCP (HTTP):
Connects to 91-228-167-125.ptr.eset.com  (91.228.167.125:80)

TCP (HTTP):
Connects to 30-166-212-190.enitel.net.ni  (190.212.166.30:80)

Remove tnodup-portable.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.