home

NitroPC.exe

Intelliclick Informatica

The executable NitroPC.exe has been detected as malware by 33 anti-virus scanners. This trojon will perform a number of actions that will compromise a PC including changing protected system registry values, hiding in protected operating system locations and downloading and installing additional malware. While running, it connects to the Internet address 24.3d.559e.ip4.static.sl-reverse.com on port 80 using the HTTP protocol.
Publisher:
Intelliclick Informatica

Version:
1.8.0.0

MD5:
307b7ff43d7e1b117c5fa4861563191d

SHA-1:
66a8cf1071f88f3a4a877df1c3b77b0afaaa2894

SHA-256:
d3095fa13355cf73b7028c07e8b6e43ced58992f52dcd9d3b122726f1ad35688

Scanner detections:
33 / 68

Status:
Malware

Analysis date:
7/12/2025 4:22:42 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.3182922
456

Agnitum Outpost
Trojan.Genome
7.1.1

AhnLab V3 Security
Win-Trojan/Genome.3506176
2015.09.06

Arcabit
Trojan.Generic.D30914A
1.0.0.425

AVG
Generic_c
2016.0.2934

Baidu Antivirus
Hacktool.Win32.Crack
4.0.3.15115

Bitdefender
Trojan.Generic.3182922
1.0.20.1545

Bkav FE
HW32.Packed
1.3.0.7133

Clam AntiVirus
Win.Trojan.Genome-7596
0.98/21511

Comodo Security
UnclassifiedMalware
23181

Dr.Web
Trojan.Click.34046
9.0.1.0309

Emsisoft Anti-Malware
Trojan.Generic.3182922
8.15.11.05.08

ESET NOD32
Win32/HackTool.Crack.BK potentially unsafe
9.12208

F-Prot
W32/MalwareF.VSU
v6.4.7.1.166

F-Secure
Trojan.Generic.3182922
11.2015-05-11_5

G Data
Trojan.Generic.3182922
15.11.25

IKARUS anti.virus
Trojan.Win32.Genome
t3scan.1.9.5.0

Kaspersky
Trojan.Win32.Genome
14.0.0.1166

McAfee
Artemis!307B7FF43D7E
5600.6590

Microsoft Security Essentials
Trojan:Win32/Malagent!gmb
1.1.12002.0

MicroWorld eScan
Trojan.Generic.3182922
16.0.0.927

NANO AntiVirus
Trojan.Win32.Genome.tnntv
0.30.24.3283

nProtect
Trojan/W32.Genome.3506176
15.09.04.01

Panda Antivirus
Trj/Hmir.F
15.11.05.08

Qihoo 360 Security
Win32/Trojan.116
1.0.0.1015

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D[F1]
23.00.65.151103

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_GENOME.AX
7.2.309

Trend Micro
TROJ_GENOME.AX
10.465.05

Vba32 AntiVirus
Trojan.Genome.ag
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
43482

ViRobot
Trojan.Win32.S.Agent.3506176.A[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Genome.Win32.196350
2.0.0.2388

File size:
3.3 MB (3,506,176 bytes)

Product version:
1.8.0.0

Copyright:
Intelliclick Informatica

Original file name:
NitroPC.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\nitropc\nitropc.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
98304:T247kYDjcKJeGO9fyyHMtTCrIo5anJC9:T4rKJel6yHMN/Z

Entry address:
0x4D7DD2

Entry point:
E8, 93, 3E, 00, 00, E9, 16, FE, FF, FF, 6A, 0C, 68, 90, 60, 90, 00, E8, B4, 1F, 00, 00, 8B, 4D, 08, 33, FF, 3B, CF, 76, 2E, 6A, E0, 58, 33, D2, F7, F1, 3B, 45, 0C, 1B, C0, 40, 75, 1F, E8, AF, 1D, 00, 00, C7, 00, 0C, 00, 00, 00, 57, 57, 57, 57, 57, E8, 40, 1D, 00, 00, 83, C4, 14, 33, C0, E9, D5, 00, 00, 00, 0F, AF, 4D, 0C, 8B, F1, 89, 75, 08, 3B, F7, 75, 03, 33, F6, 46, 33, DB, 89, 5D, E4, 83, FE, E0, 77, 69, 83, 3D, 20, 91, 90, 00, 03, 75, 4B, 83, C6, 0F, 83, E6, F0, 89, 75, 0C, 8B, 45, 08, 3B, 05, 10, 91...
 
[+]

Code size:
316 KB (323,584 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to 24.3d.559e.ip4.static.sl-reverse.com  (158.85.61.36:80)

Remove NitroPC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.