home

nznotify.dll

nznotify

NetZone Info-Tech Co., Ltd., Shanghai

The module nznotify.dll by NetZone Info-Tech Co.,, Shanghai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NETZONE Corp.  (signed by NetZone Info-Tech Co., Ltd., Shanghai)

Product:
nznotify

Version:
6.2.0.2894

MD5:
3c457cef3ac1148c06727a2e28a95558

SHA-1:
e489eb6ae7b07d30ffdebe1938adf41bd288b0b3

SHA-256:
a31704c7db2470361a2950bab6f3c4bf89d815b6434e9b0980ea60b6ea375144

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/30/2024 3:55:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.NetZoneI
17.3.2.17

File size:
752.1 KB (770,136 bytes)

Product version:
6.2.0.2894

Copyright:
Copyright (C) NETZONE Corp. 2008-2009

Original file name:
nznotify

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\nznotify.dll

Digital Signature
Signed by:
NetZone Info-Tech Co., Ltd., Shanghai

Authority:
VeriSign, Inc.

Valid from:
7/25/2014 8:00:00 AM

Valid to:
10/25/2015 7:59:59 AM

Subject:
CN="NetZone Info-Tech Co., Ltd., Shanghai", OU=IT, O="NetZone Info-Tech Co., Ltd., Shanghai", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2BB3BEA0B887375E383FD6239CB02BDF

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xE819C

Entry point:
60, 88, 4C, 24, 08, E8, 5F, 1E, 08, 00, 83, F9, 0A, 0F, 9B, C4, 9C, E8, 9A, AE, 00, 00, 52, 81, A7, DA, 2F, B3, 7B, B3, 1F, E1, D1, EC, C8, 10, C0, F9, C7, 17, A7, 1C, 99, 1F, B7, FF, A9, 27, 60, 6E, 53, 69, 4E, 92, 26, 91, A9, 95, 8D, 71, 93, A9, 4C, 6B, BB, 21, 9A, 62, F9, 9F, 32, CD, 56, 2E, 96, DC, AC, 05, E5, B3, DD, DF, 20, 78, 16, E2, 4D, 6F, CD, EA, AF, D9, 98, 7B, C2, 82, 38, 82, AC, 12, 03, 61, 61, 57, 67, 1D, 66, AB, 6A, 01, A9, 7A, 9B, F5, 85, 17, 70, 95, 87, F4, 8F, F2, 92, C7, E2, B4, CB, 4B...
 
[+]

Entropy:
7.9630  (probably packed)

Code size:
364.5 KB (373,248 bytes)

Remove nznotify.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.