PUP.NSSM.A

Analysis Report

General information

Family Name: PUP.NSSM.A
Signature status: No Signature

Known Samples

MD5: 7463e7853c0e1ab17dbb7873077ca7a9
SHA1: d99ebd29a5839cc0beb6b1a9477b4d504edda2ca
SHA256: E6D16CA7AC106034344D6EE0C8BD221A42257C4B65E7D52E8829462A38149772
File Size: 431.10 KB, 431104 bytes
MD5: 065baa7410f8aeba5261a495e7214b58
SHA1: 20bfe878a1bedcccc8031e09d1a41614b5535d26
SHA256: 792613D5D5413C26C49914FC3DD32895E99F39FFD22BE283D8D5248504EACE09
File Size: 294.92 KB, 294919 bytes
MD5: 99fded377934d41c3d677d74e935ba27
SHA1: 40527d1ac4edbb6cf592c504595bbeac14a34f42
SHA256: D679640FA255E557A4646B1971C55747963E87E6D2F77FF0580064146D72DFDB
File Size: 898.05 KB, 898048 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Comments: http://nssm.cc/
File Description:
  • Colibri Service Manager
  • The non-sucking service manager
File Version:
  • 2.25
  • 2.24
Legal Copyright: Public Domain; Author Iain Patterson 2003-2014
Product Name: NSSM 32-bit
Product Version:
  • 2.25
  • 2.24

File Traits

  • GetConsoleWindow
  • HighEntropy
  • x86

Block Information

Total Blocks: 368
Potentially Malicious Blocks: 91
Whitelisted Blocks: 276
Unknown Blocks: 1

Registry Modifications

| Key::Value | Data | API Name |
|---|---|---|
| HKLM\system\controlset001\services\eventlog\application\nssm::eventmessagefile | c:\users\user\downloads\d99ebd29a5839cc0beb6b1a9477b4d504edda2ca_0000431104 | RegNtPreCreateKey |
| HKLM\system\controlset001\services\eventlog\application\nssm::typessupported | | RegNtPreCreateKey |
| HKLM\system\controlset001\services\eventlog\application\nssm::eventmessagefile | c:\users\user\downloads\20bfe878a1bedcccc8031e09d1a41614b5535d26_0000294919 | RegNtPreCreateKey |
