» 0e2351665155dc2cc6773842640f385f_0.npb
Overview
Analysis
File Details

0e2351665155dc2cc6773842640f385f_0.npb

The file 0e2351665155dc2cc6773842640f385f_0.npb has been detected as malware by 39 anti-virus scanners.

File name:

MD5:

0e2351665155dc2cc6773842640f385f

SHA-1:

ac78d915a62bc8d502d4e719ea8196fb2bf3ef4e

SHA-256:

c15df6c8e730c0aa2f71356470da3592fd7af0d5db3e897dd2faf0e1b5bc159e

Scanner detections:

39 / 68

Status:

Malware

Analysis date:

4/25/2024 5:39:13 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Worm.Brontok.BI

6434017

Agnitum Outpost

Packed/PECompact

7.1.1

AhnLab V3 Security

HEUR/Fakon.mwf

2015.01.25

Avira AntiVirus

Worm/VB.CZ.14.A

7.11.204.248

avast!

Win32:Sality

150102-1

AVG

Worm/Generic3.EHY

2014.0.4257

Bitdefender

Win32.Worm.Brontok.BI

1.0.20.125

Bkav FE

W32.HfsAutoA

1.3.0.6379

Clam AntiVirus

Worm.VB-89

0.98/21511

Comodo Security

Worm.Win32.VB.CZ_14_A0

20835

Dr.Web

Trojan.MulDrop.59624

9.0.1.05190

Emsisoft Anti-Malware

Win32.Worm.Brontok.BI

9.0.0.4799

ESET NOD32

Win32/NoonLight.B worm

7.0.302.0

Fortinet FortiGate

W32/Virut.CE

1/25/2015

F-Prot

W32/Worm.AJ

4.6.5.141

F-Secure

Win32.Worm.Brontok.BI

5.13.68

G Data

Win32.Worm.Brontok.BI

15.1.24

IKARUS anti.virus

Trojan.Win32.Agent2

t3scan.1.8.6.0

K7 AntiVirus

EmailWorm

13.192.14746

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.2590

Malwarebytes

Worm.AutoRun

v2015.01.25.01

McAfee

W32/MoonLight.worm

5600.6875

Microsoft Security Essentials

Threat.Undefined

1.191.3191.0

MicroWorld eScan

Win32.Worm.Brontok.BI

16.0.0.75

NANO AntiVirus

Trojan.Win32.VB.crsvto

0.30.0.64812

Norman

Win32.Worm.Brontok.BI

03.12.2014 13:20:04

nProtect

Win32.Worm.Brontok.BI

15.01.23.01

Qihoo 360 Security

Worm.Win32.Brontok.D

1.0.0.1015

Quick Heal

Worm.Lightmoon.H2

1.15.14.00

Rising Antivirus

PE:Malware.FakeFolder@CV!1.6AA9

23.00.65.15123

Sophos

Virus 'W32/Lightmoon-A'

5.09

SUPERAntiSpyware

Trojan.Agent/Gen-Pakon

10095

Total Defense

Win32/Brontok.GE

37.0.11402

Trend Micro House Call

WORM_OTORUN.SM8

7.2.25

Trend Micro

WORM_OTORUN.SM8

10.465.25

Vba32 AntiVirus

Worm.VB

3.12.26.3

VIPRE Antivirus

Threat.180517

36666

ViRobot

Worm.Win32.VB.32768[h]

2014.3.20.0

Zillya! Antivirus

Worm.VB.Win32.2

2.0.0.2044

File size:

224 KB (229,376 bytes)

Common path:

C:\ProgramData\application data\net protector\npbkpn\0e2351665155dc2cc6773842640f385f_0.npb

File PE Metadata

Compilation timestamp:

5/9/1996 7:14:25 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:rpUt1E/8mS+amkLFRccny45nHguULEpItT8OGp3IjD23PDxxfyHcr5sMAfQElesf:rpO1Ek93yAgf+It47MombaEleB

Entry address:

0x1189

Entry point:

B1, 07, 5E, B8, 5C, B1, 41, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 82, 3C, 25, 81, A6, 49, 2A, 33, 9D, D6, EC, B8, 06, 94, 03, 10, 9A, BB, 92, B3, 43, 38, 52, 66, 4F, 0A, 0D, 85, A5, D1, A5, 52, 6D, 94, 93, 1C, 51, 4A, 9D, 63, D5, C0, 41, 3A, F7, D6, 69, 7F, E0, 8A, 68, 57, 35, F7, 31, 22, C0, BB, 17, D8, 98, 6A, 63, C8, C6, 57, 85, B4, C1, 48, AF, 7A, AC, B9, 8C, 3E, 36, E8, DC, 4B, C1, 8F, 3B, E0, 10, A8, F5, 26, 7D, 05... 
[+]

Entropy:

2.9914

Code size:

72 KB (73,728 bytes)

Remove 0e2351665155dc2cc6773842640f385f_0.npb - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.