home

nardy_online.exe

Installer Application

Skill on Net ltd

The application nardy_online.exe, “Installer MFC Application” by Skill on Net ltd has been detected as a potentially unwanted program by 13 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Skill on Net ltd  (signed and verified)

Product:
Installer Application

Description:
Installer MFC Application

Version:
1, 0, 0, 1

MD5:
262f82a9732e63d726e413039c686378

SHA-1:
95792d0f16438d4994931fbdd81463759ec0424b

SHA-256:
33f1c641e1e90d15a224285680fcf0c166f2017b7f838b12a6d5e79705a42b3f

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 2:53:21 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Gen!c
2.1.4+

Dr.Web
Trojan.DownLoader3.50860
9.0.1.0278

F-Prot
W32/InstallFlash.A.gen
v6.4.7.1.166

IKARUS anti.virus
not-a-virus:Downloader.InstallFlash
t3scan.2.1.6.0

K7 AntiVirus
Riskware
13.238.20831

McAfee
Artemis!262F82A9732E
5600.6256

NANO AntiVirus
Trojan.Win32.DownLoader3.dpdrc
1.0.38.8984

Quick Heal
Downloader.InstallFlash.A4
10.16.14.00

Sophos
SkillOnNet Online Games (PUA)
4.98

Vba32 AntiVirus
Downloader.InstallFlash
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
52186

ViRobot
Trojan.Win32.Z.Installflash.311952.C[h]
2014.3.20.0

Zillya! Antivirus
Downloader.InstallFlash.Win32.1
2.0.0.3048

File size:
304.6 KB (311,952 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2006

Original file name:
Installer.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\setnrd20\nardy_online.exe

Digital Signature
Signed by:
Skill on Net ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/18/2009 2:00:00 AM

Valid to:
2/19/2011 1:59:59 AM

Subject:
CN=Skill on Net ltd, OU=SECURE APPLICATION DEVELOPMENT, O=Skill on Net ltd, L=Gibraltar, S=Gibraltar, C=GI

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
69D0CD252E0EC2288586193F28BF60F3

File PE Metadata
Compilation timestamp:
12/8/2010 5:12:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
3072:ivVGhmhxAxLjgS4jcFWkLuaexJe6mOCpbbxCdx5VnqVb910u+kWzqweV9XoeAHsS:KymheFgRYWxe6opPxMAbIuizCFe5N

Entry address:
0x177DC

Entry point:
6A, 60, 68, 18, 81, 43, 00, E8, B0, DE, FF, FF, BF, 94, 00, 00, 00, 8B, C7, E8, FC, DF, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, F8, 22, 43, 00, 8B, 4E, 10, 89, 0D, CC, D8, 44, 00, 8B, 46, 04, A3, D8, D8, 44, 00, 8B, 56, 08, 89, 15, DC, D8, 44, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, D0, D8, 44, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, D0, D8, 44, 00, C1, E0, 08, 03, C2, A3, D4, D8, 44, 00, 33, F6, 56, 8B, 3D, D0, 21, 43, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
196 KB (200,704 bytes)

Remove nardy_online.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.