home

nqxqsms4.exe

ATK-Lider

The file nqxqsms4.exe, “SCSI Pass Through Direct setup” has been detected as malware by 1 anti-virus scanner.
Publisher:
Duplex Secure Ltd.  (signed by ATK-Lider)

Description:
SCSI Pass Through Direct setup

Version:
1.81.0.0 built by: WinDDK

MD5:
832620998dcfcf0d266f2af56fc27b23

SHA-1:
dbdbb52ebb31f062bf263081ac8d365d3572e4db

SHA-256:
7caf707a2d5fa22c09f2e125c2e1c75d6138864d5a426f914be966c45ae8eea1

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
6/24/2025 8:48:47 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.12.5.20

File size:
698 KB (714,712 bytes)

Common path:
C:\users\{user}\appdata\local\temp\nqxqsms4.exe.part

Digital Signature
Signed by:
ATK-Lider

Authority:
COMODO CA Limited

Valid from:
7/6/2016 6:00:00 AM

Valid to:
7/7/2017 5:59:59 AM

Subject:
CN=ATK-Lider, O=ATK-Lider, STREET="Profsoyuznaya, 69", L=Moscow, S=Moscow, PostalCode=117342, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CF9ACEA8E1F5278572EE3CA375C7E915

File PE Metadata
Compilation timestamp:
7/20/2016 2:55:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:2eaTGazMoK4v1TMrAeZXlnTEraswiAMhP4ryWJv8wYPiuw:DaK1oZRM1XlTuCprhv8bw

Entry address:
0x14B0

Entry point:
55, 8B, EC, B8, 28, 8B, 00, 00, E8, A3, FF, FF, FF, 53, 56, 57, C6, 45, F4, 3E, C1, E9, 00, 68, CF, 14, 40, 00, C3, 33, EB, EB, 02, 33, DD, 90, 8B, D2, 8D, 12, EB, 01, 50, EB, 02, 03, C7, EB, 02, 2B, C2, 68, EF, 14, 40, 00, C3, 81, C2, 6E, 9B, 47, 0A, 68, 84, 70, 42, 00, 6A, 00, FF, 15, 8C, D1, 40, 00, 68, E3, 9F, 40, 00, FF, 15, 90, D1, 40, 00, 68, 58, 18, 00, 00, A1, 94, CE, 4A, 00, 50, FF, 15, 94, D1, 40, 00, 85, C0, 74, 07, 33, C0, E9, 3B, 02, 00, 00, 68, 2B, 15, 40, 00, C3, 33, F2, 8D, 12, EB, 06, 81...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
44.5 KB (45,568 bytes)

Remove nqxqsms4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.