» nsk49.tmp
Overview
Analysis
File Details

nsk49.tmp

5133_cmi_istartpageing

Minidigital Technology Co., Limited

The file nsk49.tmp, “7777777777777777777777777777777777777777777777777777777777777777777777777777777777777777” by Minidigital Technology Co., Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

nsk49.tmp

Publisher:

777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777 (signed by Minidigital Technology Co., Limited)

Product:

5133_cmi_istartpageing

Description:

7777777777777777777777777777777777777777777777777777777777777777777777777777777777777777

Version:

7,0,0,2888

MD5:

58fb97185479e0638a513cd711123f77

SHA-1:

7a283b931cf360eb60c77fdd9d09c6f795ecd1ac

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/7/2025 5:00:49 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ELEX.Minidigi (M)

16.6.22.0

File size:

211.2 KB (216,240 bytes)

Product version:

7,0,0,2888

7777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777

Original file name:

777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777

Language:

English

Common path:

C:\Documents and Settings\{user}\Local settings\temp\nsk49.tmp

Digital Signature

Signed by:

Minidigital Technology Co., Limited

Authority:

GlobalSign nv-sa

Valid from:

11/27/2015 6:26:49 AM

Valid to:

6/21/2016 11:55:40 AM

Subject:

CN="Minidigital Technology Co., Limited", O="Minidigital Technology Co., Limited", L=Hong Kong, S=Hong Kong, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F0718A61B100CA2A7C36CDE54B975C98

File PE Metadata

Compilation timestamp:

11/16/2015 7:09:43 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:8ktmGfeg/UhW5dbDTrEk5pEyQ+rgWKByxFJ62w:7tmGWg8hWfvQk5psGle

Entry address:

0x144E4

Entry point:

FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 7F, FF, FF, FF, FF, FF, FF, FE, 7F, FF, FF, FF, FF, FF, FF, FE, 3F, FF, FF, FF, FF, FF, FF, FC, CD, 9A, A9, DC, 68, 00, 00, 00, 00, 00, 00, 00, AC, 03, 00, 00, 08, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 03, 00, 00, 00, 30, 00, 00, 00... 
[+]

Code size:

144 KB (147,456 bytes)

Remove nsk49.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.