× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 472232ca821b5c2ef562ab07f53638bc2cc82eae84cea13fbe674d6022b6481c
File name: nssm.exe
Detection ratio: 0 / 55
Analysis date: 2017-01-20 11:38:57 UTC ( 16 minutes ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.
Antivirus Result Update
ALYac 20170120
AVG 20170119
AVware 20170120
Ad-Aware 20170120
AegisLab 20170120
AhnLab-V3 20170120
Alibaba 20170120
Antiy-AVL 20170120
Arcabit 20170120
Avast 20170120
Avira (no cloud) 20170120
Baidu 20170120
BitDefender 20170120
CAT-QuickHeal 20170120
CMC 20170120
ClamAV 20170120
Comodo 20170119
CrowdStrike Falcon (ML) 20161024
Cyren 20170120
DrWeb 20170120
ESET-NOD32 20170120
Emsisoft 20170120
F-Prot 20170120
F-Secure 20170120
Fortinet 20170120
GData 20170120
Ikarus 20170120
Invincea 20170111
Jiangmin 20170120
K7AntiVirus 20170120
K7GW 20170120
Kaspersky 20170120
Kingsoft 20170120
Malwarebytes 20170120
McAfee 20170120
McAfee-GW-Edition 20170120
eScan 20170120
Microsoft 20170120
NANO-Antivirus 20170120
Panda 20170119
Qihoo-360 20170120
Rising 20170120
SUPERAntiSpyware 20170120
Sophos 20170120
Symantec 20170119
Tencent 20170120
TheHacker 20170117
TrendMicro 20170120
TrendMicro-HouseCall 20170120
Trustlook 20170120
VBA32 20170120
VIPRE 20170120
ViRobot 20170120
WhiteArmor 20170119
Yandex 20170119
Zillya 20170120
Zoner 20170120
nProtect 20170120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Public Domain; Author Iain Patterson 2003-2014

Product NSSM 32-bit
File version 2.24
Description The non-sucking service manager
Comments http://nssm.cc/
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-31 15:34:44
Entry Point 0x00013E53
Number of sections 4
PE sections
PE imports
GetServiceKeyNameW
RegCreateKeyExW
RegCloseKey
LsaNtStatusToWinError
OpenServiceW
QueryServiceConfigW
ControlService
RegDeleteKeyW
DeleteService
RegQueryValueExW
LsaOpenPolicy
CloseServiceHandle
ChangeServiceConfig2W
RegisterEventSourceW
DeregisterEventSource
QueryServiceStatus
RegOpenKeyExW
EnumServicesStatusW
QueryServiceConfig2W
LsaEnumerateAccountRights
CreateServiceW
LsaLookupNames
SetServiceStatus
IsValidSid
GetSidIdentifierAuthority
LsaFreeMemory
LsaAddAccountRights
GetSidSubAuthority
GetSidSubAuthorityCount
IsTextUnicode
InitializeSid
GetServiceDisplayNameW
LsaLookupSids
RegDeleteValueW
StartServiceW
RegSetValueExW
FreeSid
GetSidLengthRequired
OpenSCManagerW
ReportEventW
AllocateAndInitializeSid
CheckTokenMembership
RegisterServiceCtrlHandlerExW
LsaClose
StartServiceCtrlDispatcherW
ChangeServiceConfigW
GetOpenFileNameW
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
CreatePipe
GetCurrentProcess
CompareFileTime
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExitProcess
GetFileInformationByHandle
SetStdHandle
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
Thread32First
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
LoadResource
AllocConsole
TlsGetValue
MoveFileW
SetLastError
GetSystemTime
GetUserDefaultLangID
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
FillConsoleOutputCharacterW
SetConsoleCtrlHandler
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetProcessAffinityMask
RegisterWaitForSingleObject
CreateThread
SetEnvironmentVariableW
DeleteCriticalSection
SetUnhandledExceptionFilter
SetHandleInformation
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
SetEndOfFile
SetWaitableTimer
InterlockedIncrement
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetComputerNameW
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
OpenProcess
GenerateConsoleCtrlEvent
GetProcAddress
FillConsoleOutputAttribute
GetProcessHeap
CreateWaitableTimerW
FreeEnvironmentStringsW
FreeConsole
Thread32Next
DuplicateHandle
GetProcessAffinityMask
CreateFileW
GetConsoleWindow
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
IsValidCodePage
SystemTimeToFileTime
LCMapStringW
GetConsoleCP
LCMapStringA
GetProcessTimes
GetEnvironmentStringsW
Process32NextW
VirtualFree
UnregisterWait
GetCurrentProcessId
GetCommandLineW
GetCPInfo
HeapSize
Process32FirstW
SetConsoleTitleW
ExpandEnvironmentStringsW
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetCurrentDirectoryW
HeapCreate
FindResourceExW
CreateProcessW
Sleep
VirtualAlloc
GetOEMCP
ShellExecuteExW
PathFindExtensionW
PathUnquoteSpacesW
SetFocus
CreateDialogIndirectParamW
PostQuitMessage
EnumWindows
CheckRadioButton
GetMessageW
ShowWindow
SetWindowPos
GetWindowThreadProcessId
GetDesktopWindow
GetSystemMetrics
SetWindowLongW
MessageBoxW
GetWindowRect
EnableWindow
MoveWindow
TranslateMessage
GetDlgItemTextW
PostMessageW
GetDlgItemInt
SetDlgItemTextW
DispatchMessageW
SendMessageW
SendDlgItemMessageW
GetDlgItem
EnableMenuItem
MessageBoxIndirectW
LoadImageW
PostThreadMessageW
SetDlgItemInt
IsDialogMessageW
GetSystemMenu
GetWindowLongW
DestroyWindow
Number of PE resources by type
RT_DIALOG 42
RT_ICON 4
RT_MESSAGETABLE 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 17
FRENCH 15
ITALIAN 15
NEUTRAL 5
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
http://nssm.cc/

InitializedDataSize
179712

ImageVersion
0.0

ProductName
NSSM 32-bit

FileVersionNumber
2.24.0.74

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0003

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
2.24

TimeStamp
2014:08:31 16:34:44+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
2.24

FileDescription
The non-sucking service manager

OSVersion
5.0

FileOS
Win32

LegalCopyright
Public Domain; Author Iain Patterson 2003-2014

MachineType
Intel 386 or later, and compatibles

CodeSize
114176

FileSubtype
0

ProductVersionNumber
2.24.0.74

EntryPoint
0x13e53

ObjectFileType
Executable application

CarbonBlack CarbonBlack acts as a surveillance camera for computers
Execution parents
PE resource-wise parents
Overlay parents
Compressed bundles
File identification
MD5 d9ec6f3a3b2ac7cd5eef07bd86e3efbc
SHA1 e1908caab6f938404af85a7df0f80f877a4d9ee6
SHA256 472232ca821b5c2ef562ab07f53638bc2cc82eae84cea13fbe674d6022b6481c
ssdeep
6144:4BULviqYnI3QA7JTXRnZSHL2GZbkG/TZgLgst2rDkXNBD:wqBlG/TZgUsxXNBD

authentihash 616f51d36a3b0e0fc3c97369368cff0a8db04b01d1934922e64323233ff2fc60
imphash 18e3eac3e047c2416ca9a716d742272f
File size 288.0 KB ( 294912 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2014-09-03 07:47:53 UTC ( 2 years, 4 months ago )
Last submission 2017-01-20 11:38:57 UTC ( 16 minutes ago )
File names nssm_.exe
хуйня.exe
nssm.exe.3980_2.617964.partial
ыеыткв.exe
nssm.exe.9316_5.290242.partial
nssm.exe---
nssm.exe.2228_11.186438.partial
-nssm.exe
nssm.exe
nssm.exe.1852_6.71660.partial
nssm.exe.6944_9.614542.partial
NSSM.DEL
vst918t6.er0
nssm.exe.2040_6.468014.partial
nssm.exe.1956_8.194620.partial
nssm.vir
nssm__.exe
nssm.exe.2252_4.15459.partial
nssm.exe
nssm.exe
nssm.exe.7828_10.478577.partial
nssmx86.exe
nssm.exe.10880_4.120069.partial
nssm.exe
nssm.exe.4832_10.287757.partial
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications