home

njirrb.exe

The application njirrb.exe has been detected as a potentially unwanted program by 9 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
MD5:
e53920b1ce46f8e09e705856d2512c5d

SHA-1:
cb33cc1ea4e6e93e954986743254edbb1c18bb47

SHA-256:
7d1be57f1f63e000282b55589f32522a14543cbce49aec9b8400d0125cd0445a

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 11:22:04 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.205.90

AVG
Potentially harmful program Downloader
2016.0.3080

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
ApplicUnwnt
20856

Dr.Web
Adware.Yontoo.55
9.0.1.0163

ESET NOD32
MSIL/Adware.PullUpdate.G.gen application
9.7.0.302.0

herdProtect (fuzzy)
variant of fsedux.exe (Adware)
2015.6.12.17

Malwarebytes
PUP.Optional.HealthAlert.A
v2015.06.12.06

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

File size:
2.6 MB (2,734,912 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\dqbzktuand\njirrb.exe

File PE Metadata
Compilation timestamp:
1/26/2015 6:55:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:nOG+VNHL9NcMOAn/zf3rQilfQ58kIxy/lV5hGiiSWWt7S5URLxrUzQrBcxhOsR+2:nOG+vSA/z/rnQ58kH5hGiiaExQrBDsRV

Entry address:
0x29B59E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.6 MB (2,725,376 bytes)

Remove njirrb.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.