nb17-truckeraj18.exe

The executable nb17-truckeraj18.exe has been detected as malware by 1 anti-virus scanner.

MD5:
8844c1417c62f33e38d86fb517d30fa8

SHA-1:
7555add821a4fed88c866e013349ae2ce42642b9

SHA-256:
5aedc79aa0cba676c4aa2080463348c8d0d1555aea7edd289fba27d9edd54418

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/10/2024 4:58:53 PM UTC

Scan engine:
Reason Heuristics

Detection:
Threat.Win.Reputation.IMP

Engine version:
17.3.8.22

File size:
902.5 KB (924,204 bytes)

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
10/12/2016 6:50:59 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
2.50

Entry address:
0x1000

Entry point:
48, 83, EC, 28, 49, C7, C0, 68, 0E, 00, 00, 48, 31, D2, 48, B9, 70, 19, 0D, 40, 01, 00, 00, 00, E8, 19, E7, 01, 00, 48, 31, C9, E8, 1D, E7, 01, 00, 48, 89, 05, 4C, 09, 0D, 00, 4D, 31, C0, 48, C7, C2, 00, 10, 00, 00, 48, 31, C9, E8, 0A, E7, 01, 00, 48, 89, 05, 2B, 09, 0D, 00, 48, B8, 80, C3, 08, 40, 01, 00, 00, 00, 48, 89, 05, C2, 0A, 0D, 00, E8, 75, 3F, 03, 00, E8, 40, 32, 03, 00, E8, 4B, 30, 03, 00, E8, 2E, 1A, 03, 00, E8, 8D, 08, 03, 00, E8, 14, EA, 02, 00, E8, 3F, E7, 02, 00, E8, C6, DC, 02, 00, E8, B1...
 
Entropy:
7.1399

Code size:
479 KB (490,496 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to server-54-230-206-15.atl50.r.cloudfront.net  (54.230.206.15:443)

TCP (HTTP):
Connects to server-54-182-221-58.ord51.r.cloudfront.net  (54.182.221.58:80)

TCP (HTTP SSL):
Connects to server-52-84-132-75.atl52.r.cloudfront.net  (52.84.132.75:443)

TCP (HTTP):
Connects to a96-17-170-16.deploy.akamaitechnologies.com  (96.17.170.16:80)

TCP (HTTP):
Connects to 94.31.29.54.IPYX-077437-ZYO.above.net  (94.31.29.54:80)
