» nbupdater.exe
Overview
Analysis
File Details

nbupdater.exe

NetworkBench

Networkbench Systems Corp.

File name:

nbupdater.exe

Publisher:

Networkbench Systems Corp. (signed and verified)

Product:

NetworkBench

Description:

NetworkBench Auto-updater

Version:

1.5.32.1

MD5:

9208aedd0c12186ceeca0e6cb3e920d5

SHA-1:

0d228b8f14a3f2b1f3bd387a3891ca0db27d4ff5

SHA-256:

19d2ab792ffc6740e8dc0a8e4cd8373c11ed82df5f51a589287062838c38417a

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 7:11:39 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Trojan.PWS.Banker1.15998

9.0.1.05190

Sophos

PUA 'NBar' (of type Adware)

5.15

Trend Micro House Call

TROJ_GEN.F47V0706

7.2.158

File size:

1022.8 KB (1,047,352 bytes)

Product version:

5.3.2

NetworkBench Systems Corp.

Trademarks:

NetworkBench

Original file name:

NetworkBench

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\networkbench.com\networkbench\nbupdater.exe

Digital Signature

Signed by:

Networkbench Systems Corp.

Authority:

VeriSign, Inc.

Valid from:

4/11/2012 8:00:00 AM

Valid to:

4/12/2015 7:59:59 AM

Subject:

CN=Networkbench Systems Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Networkbench Systems Corp., L=beijing, S=beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

32C413866F990D7B1D5C8F9AA5ECB2F6

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:Pq7Y6D/sK/1KqvKArDW0YjWmQ2o7qVaTbdyoE/ZsFzeoT6/62+t:PqU0Ao7qVaKa1TE6b

Entry address:

0xD5038

Entry point:

55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, D0, 37, 4D, 00, E8, 01, 22, F3, FF, 8B, 3D, F0, D4, 4D, 00, 6A, 03, E8, 50, 26, F3, FF, E8, 47, 73, FE, FF, 8B, D8, 8B, 07, E8, B2, 06, F9, FF, 8B, 07, BA, C8, 50, 4D, 00, E8, 3E, 01, F9, FF, 6A, EC, 8B, 07, 8B, 70, 30, 56, E8, 31, 2C, F3, FF, 25, FF, FF, FB, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, 56, E8, 6E, 2E, F3, FF, 8B, 0D, 60, D3, 4D, 00, 8B, 07, 8B, 15, 0C, FE, 4C, 00, E8, 8B, 06, F9, FF, 8B, 07, E8, 04, 07, F9, FF, 85, DB, 74, 06, 53, E8, 9A, 23, F3, FF, 5F, 5E... 
[+]

Entropy:

6.6347

Developed / compiled with:

Microsoft Visual C++

Code size:

848 KB (868,352 bytes)

Scan nbupdater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.