home

netstream.exe

BugReport

The executable netstream.exe has been detected as malware by 2 anti-virus scanners.
Product:
BugReport

Version:
1, 5, 0, 1022

MD5:
9b8c64986f5205188ab7b07d921157c6

SHA-1:
8d6e2e7909445002bb98c53e559fa96603c88376

SHA-256:
68920c7ece7585742baa4b240df2af7689b48e13b257300b858965e234e4c70b

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
5/6/2024 6:00:36 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/GenKryptik.XCK trojan
6.3.12010.0

Microsoft Security Essentials
TrojanProxy:Win32/Bunitu.Q!bit
1.237.1231.0

File size:
630.5 KB (645,632 bytes)

Product version:
1, 5, 0, 1022

Original file name:
BugReport.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\netstream.exe

File PE Metadata
Compilation timestamp:
3/7/2017 5:24:24 PM

OS version:
3.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x5ED00

Entry point:
55, 8B, EC, 83, EC, 30, 68, 5C, 50, 49, 00, FF, 15, 2C, 04, 46, 00, E8, 9A, FF, FF, FF, 8B, 45, EC, C1, E0, 08, 89, 45, EC, 8B, 55, D4, 8B, 4D, D8, D3, E2, 89, 55, EC, 8B, 45, E4, 2D, 34, ED, 20, 07, 89, 45, D8, FF, 15, E8, 02, 46, 00, 8B, 4D, E0, 03, 4D, D8, 89, 4D, EC, 8B, 15, F4, 50, 49, 00, 52, FF, 15, BC, 03, 46, 00, A1, F4, 50, 49, 00, 50, FF, 15, E4, 02, 46, 00, FF, 15, E8, 02, 46, 00, 8B, 4D, D8, 2B, 4D, E0, 89, 4D, E4, 68, 74, 50, 49, 00, FF, 15, 2C, 04, 46, 00, 8B, 55, EC, 8B, 4D, F0, D3, E2, 89...
 
[+]

Entropy:
4.4474

Developed / compiled with:
Microsoft Visual C++

Code size:
376.5 KB (385,536 bytes)

Remove netstream.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.