home

ndwvnqrbhe

Pika Inc

The file ndwvnqrbhe has been detected as malware by 1 anti-virus scanner.
Publisher:
Pika Inc  (signed and verified)

Version:
0.0.0.0

MD5:
18d2c9f0960973e84c7db23567297770

SHA-1:
23a420968f78a89c93bf2cc44d33f579ae646dcf

SHA-256:
e86800bbde0daf1424ea1915b2c7a63f19b44b5a990cf1d5f0fbed262932e8d4

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/14/2024 11:08:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Trojan.Pika (M)
17.3.11.7

File size:
131.7 KB (134,878 bytes)

Product version:
0.0.0.0

Original file name:
3rbWNMu13hYuq6IKsYClPG6n96NWSG3Ru7bNyN4MGOxA0IZozI1aT6lir5Zeqs.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\ndwvnqrbhe

Digital Signature
Signed by:
Pika Inc

Authority:
Pika Inc

Valid from:
11/11/2016 8:25:39 AM

Valid to:
11/9/2026 8:25:39 AM

Subject:
E=sales@pika.com, CN=www.pika.com, OU=Sales Pika Inc, O=Pika Inc, L=Hlotse, S=Leribe, C=LS

Issuer:
E=sales@pika.com, CN=www.pika.com, OU=Sales Pika Inc, O=Pika Inc, L=Hlotse, S=Leribe, C=LS

Serial number:
00A7E284E5745819AC

File PE Metadata
Compilation timestamp:
11/22/2016 4:26:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

Entry address:
0x1381E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.2647

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
72 KB (73,728 bytes)

Remove ndwvnqrbhe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.