home

na nebi.exe

LLC IT Management

The application na nebi.exe by LLC IT Management has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
LLC IT Management  (signed and verified)

MD5:
8dcc2c5c8d8ff382707a06c221fa9386

SHA-1:
a6c2b665e0309962724c8434f7b6448e817031ea

SHA-256:
61afe4f891e81a7bb1e99edf399390eb0e9a5f483430839abc41101e307b26cf

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 5:38:38 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ITManagement (M)
16.2.13.9

File size:
436.9 KB (447,368 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\na nebi.exe

Digital Signature
Signed by:
LLC IT Management

Authority:
COMODO CA Limited

Valid from:
6/2/2014 3:00:00 AM

Valid to:
6/3/2015 2:59:59 AM

Subject:
CN=LLC IT Management, O=LLC IT Management, STREET=Bagritskogo 51/2, L=Moscow, S=Moscovskaya oblast, PostalCode=121471, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2E9D66F88B13880A37872C17A2E17029

File PE Metadata
Compilation timestamp:
6/5/2014 12:16:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
15.29

CTPH (ssdeep):
6144:VcC3BdTolLyYSqlzjgAEXIxpeRx2GV7iBQj/ImKiWTqPAtX7Om:l3BGSqFjCXSomo7S2jPyX

Entry address:
0x3456

Entry point:
C1, C8, 0F, 0B, 74, 24, 10, FC, FC, 31, F9, 8B, 4C, 24, 14, 46, C1, E5, 0A, C1, C3, 1D, BD, 87, 90, 46, 6A, FC, 81, EF, 23, B6, CB, 83, C1, C2, 0A, C1, D2, 1C, 8B, 74, 24, F0, C1, C1, 05, C1, E0, 0B, C1, D1, 00, C1, E5, 11, 39, 54, 24, 10, 42, F7, 05, D4, 09, 43, 00, 3E, 7C, 65, 11, C1, E6, 05, 4F, 42, C1, D8, 0B, 87, CE, C1, E1, 15, FD, 33, 4C, 24, 08, C1, E2, 1A, FD, C1, C7, 09, 23, 4C, 24, 08, C1, E7, 1A, C1, CF, 0A, 81, E5, D0, 02, F7, D2, C1, C8, 0F, 29, FA, 39, 2D, 22, C5, 44, 00, FD, FC, 87, D1, BA...
 
[+]

Code size:
358 KB (366,592 bytes)

Remove na nebi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.