× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 588d7d0aab882e4d0728105f56a19a2ecd501fe3da67833005930c47a863f7f8
File name: nsrmf4032.exe
Detection ratio: 0 / 56
Analysis date: 2015-09-09 18:55:18 UTC ( 3 years, 3 months ago ) View latest
Antivirus Result Update
Ad-Aware 20150909
AegisLab 20150909
Yandex 20150909
AhnLab-V3 20150909
Alibaba 20150902
ALYac 20150909
Antiy-AVL 20150909
Arcabit 20150909
Avast 20150909
AVG 20150909
Avira (no cloud) 20150909
AVware 20150901
Baidu-International 20150909
BitDefender 20150909
Bkav 20150909
ByteHero 20150909
CAT-QuickHeal 20150909
ClamAV 20150909
CMC 20150908
Comodo 20150909
Cyren 20150909
DrWeb 20150909
Emsisoft 20150909
ESET-NOD32 20150909
F-Prot 20150909
F-Secure 20150909
Fortinet 20150909
GData 20150909
Ikarus 20150909
Jiangmin 20150907
K7AntiVirus 20150909
K7GW 20150909
Kaspersky 20150909
Kingsoft 20150909
Malwarebytes 20150909
McAfee 20150909
McAfee-GW-Edition 20150909
Microsoft 20150909
eScan 20150909
NANO-Antivirus 20150909
nProtect 20150909
Panda 20150909
Qihoo-360 20150909
Rising 20150908
Sophos AV 20150909
SUPERAntiSpyware 20150909
Symantec 20150909
Tencent 20150909
TheHacker 20150907
TrendMicro 20150909
TrendMicro-HouseCall 20150909
VBA32 20150909
VIPRE 20150909
ViRobot 20150909
Zillya 20150909
Zoner 20150909
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
JeffArts, NsR MultiFunction © 2015

Product NsR MF
Original name nsrmf4032.exe
Internal name NsR MultiFunction
File version 4.0.3.2
Description NsR MultiFunction Tools
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-14 02:35:58
Entry Point 0x0008474A
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
CloseServiceHandle
LookupPrivilegeValueA
RegEnumKeyExA
GetUserNameA
RegDeleteValueA
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueExA
LockServiceDatabase
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
OpenSCManagerA
UnlockServiceDatabase
RegQueryInfoKeyA
RegConnectRegistryA
ImageList_Destroy
ImageList_AddMasked
ImageList_GetIconSize
Ord(6)
ImageList_Create
Ord(17)
ImageList_ReplaceIcon
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
CreatePolygonRgn
GetSystemPaletteEntries
GetTextMetricsA
GetClipBox
GetPixel
GetObjectA
ExcludeClipRect
EnumFontFamiliesExA
DeleteDC
SetBkMode
BitBlt
CreateDIBSection
SetTextColor
GetDeviceCaps
FillRgn
CreateEllipticRgn
CreateDCA
CreateFontA
GetStockObject
GetDIBits
GdiFlush
CreateRoundRectRgn
CreateCompatibleDC
GetTextFaceA
CreateRectRgn
SelectObject
CreateSolidBrush
GetClipRgn
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetPrivateProfileSectionNamesA
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
SetErrorMode
FreeEnvironmentStringsW
SetFileAttributesA
GetTempPathA
WideCharToMultiByte
LoadLibraryW
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
QueryDosDeviceA
MoveFileA
GetEnvironmentVariableA
LoadResource
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
SetLastError
GetSystemTime
DeviceIoControl
InitializeCriticalSection
WriteProcessMemory
GetModuleFileNameW
Beep
CopyFileA
ExitProcess
FlushFileBuffers
RemoveDirectoryA
HeapSetInformation
GetVolumeInformationA
LoadLibraryExA
GetPrivateProfileStringA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointerEx
WritePrivateProfileSectionA
CreateMutexA
SetFilePointer
CreateThread
GetPrivateProfileSectionA
GetExitCodeThread
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetExitCodeProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
GlobalSize
GetDateFormatA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
ReadProcessMemory
GlobalLock
GetProcessHeap
GetFileSizeEx
FindFirstFileA
GetDiskFreeSpaceA
EnumResourceNamesA
CompareStringA
GetComputerNameA
FindNextFileA
GetProcAddress
CreateFileW
IsDebuggerPresent
GetFileType
SetVolumeLabelA
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
VirtualAllocEx
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
GetModuleFileNameA
GetShortPathNameA
FileTimeToLocalFileTime
SizeofResource
VirtualFreeEx
GetCurrentProcessId
LockResource
SetFileTime
HeapQueryInformation
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SetStdHandle
CreateProcessA
IsValidCodePage
HeapCreate
Sleep
WritePrivateProfileStringA
FindResourceA
GetTimeFormatA
SafeArrayDestroy
VariantChangeType
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayUnaccessData
VariantClear
SysAllocString
GetActiveObject
SafeArrayUnlock
VariantCopy
SysFreeString
SafeArrayLock
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCopy
OleLoadPicture
SysStringLen
GetModuleBaseNameA
GetModuleFileNameExA
ExtractIconA
ShellExecuteExA
DragFinish
SHGetFolderPathA
DragQueryPoint
SHBrowseForFolderA
SHGetDesktopFolder
DragQueryFileA
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetMalloc
SHFileOperationA
RedrawWindow
GetMessagePos
SetWindowRgn
UnregisterHotKey
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
DispatchMessageA
ScreenToClient
SetMenuItemInfoA
WindowFromPoint
SetActiveWindow
GetDC
IsCharAlphaA
GetAsyncKeyState
ReleaseDC
GetDlgCtrlID
GetKeyState
GetMenu
CreateWindowExA
mouse_event
IsClipboardFormatAvailable
SendMessageA
GetClientRect
SetMenuDefaultItem
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
CountClipboardFormats
GetTopWindow
RegisterHotKey
EnumClipboardFormats
LoadImageA
GetMenuItemCount
GetWindowTextA
CopyImage
DestroyWindow
GetMessageA
GetParent
UpdateWindow
RegisterWindowMessageA
EnumWindows
CheckRadioButton
GetClassInfoExA
ShowWindow
SetMenuInfo
GetDesktopWindow
GetClipboardFormatNameA
EnableWindow
PeekMessageA
GetClipboardData
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
SystemParametersInfoA
GetIconInfo
SetParent
SetClipboardData
IsCharLowerA
CharLowerA
IsZoomed
EnableMenuItem
TrackPopupMenuEx
GetSubMenu
CreateMenu
GetKeyboardLayout
FlashWindow
GetSysColorBrush
CreateAcceleratorTableA
IsDialogMessageA
MapWindowPoints
MapVirtualKeyA
EmptyClipboard
SetFocus
keybd_event
KillTimer
VkKeyScanExA
DefWindowProcA
ToAsciiEx
SetClipboardViewer
GetClassNameA
SendDlgItemMessageA
GetSystemMetrics
IsIconic
GetWindowRect
PostMessageA
EnumChildWindows
SetWindowLongA
SetKeyboardState
CreatePopupMenu
CheckMenuItem
GetWindowLongA
PtInRect
DrawIconEx
SetTimer
GetDlgItem
BringWindowToTop
SendInput
ClientToScreen
PostMessageW
GetClassLongA
LoadCursorA
GetKeyboardState
SetWindowsHookExA
GetMenuStringA
AttachThreadInput
DestroyAcceleratorTable
CreateIconFromResourceEx
GetMenuItemID
FillRect
SetForegroundWindow
ExitWindowsEx
PostThreadMessageA
OpenClipboard
GetCursorPos
DrawTextA
IntersectRect
EndDialog
CreateIconIndirect
FindWindowA
SetWindowTextA
MessageBeep
GetCaretPos
RemoveMenu
GetWindowThreadProcessId
GetQueueStatus
AppendMenuA
UnhookWindowsHookEx
SetDlgItemTextA
MoveWindow
MessageBoxA
GetCursor
ChangeClipboardChain
AdjustWindowRectEx
LookupIconIdFromDirectoryEx
DialogBoxParamA
GetSysColor
RegisterClassExA
IsCharAlphaNumericA
DestroyIcon
IsWindowVisible
SetRect
InvalidateRect
SendMessageTimeoutA
IsCharUpperA
TranslateAcceleratorA
DefDlgProcA
CallWindowProcA
IsMenu
GetFocus
CloseClipboard
SetMenu
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
waveOutSetVolume
mixerGetDevCapsA
joyGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerSetControlDetails
mixerClose
mixerGetControlDetailsA
waveOutGetVolume
mixerGetLineControlsA
mciSendStringA
joyGetPosEx
WSAStartup
gethostbyname
gethostname
inet_addr
WSACleanup
CreateStreamOnHGlobal
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoCreateInstance
CoGetObject
CLSIDFromString
StringFromGUID2
Number of PE resources by type
RT_ICON 10
RT_RCDATA 10
RT_GROUP_ICON 6
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 31
PE resources
ExifTool file metadata
Copyright
Copyright 2012-2015

FileDescription
NsR MultiFunction Tools

InitializedDataSize
1328640

ImageVersion
0.0

ProductName
NsR MF

FileVersionNumber
4.0.3.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
10.0

FileTypeExtension
exe

OriginalFileName
nsrmf4032.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.0.3.2

TimeStamp
2014:02:14 03:35:58+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
NsR MultiFunction

SubsystemVersion
5.0

ProductVersion
4.0.3.2

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

LegalCopyright
JeffArts, NsR MultiFunction 2015

MachineType
Intel 386 or later, and compatibles

CompanyName
JeffArts

CodeSize
593920

FileSubtype
0

ProductVersionNumber
4.0.0.5

EntryPoint
0x8474a

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 d42f1e13eb0ee47561be5d4d0dd5fd22
SHA1 39202d4a97040a7a3dd41c5e823bbc038d05ed02
SHA256 588d7d0aab882e4d0728105f56a19a2ecd501fe3da67833005930c47a863f7f8
ssdeep
49152:33LyTTXfwaDjjDqSCqqV8J/TTQQgQwYYQQkunnnnvf//4v37jFFq/////fvv33H3:33u/fwaDjjDqSCqqV8J/TTQQgQwYYQQK

authentihash 284cb1dd5fb2519362784dd7d36a59e551a2925ef208ec8d71ed07794c77ea45
imphash b3f61f3b5988c9b3549cceea4d79028c
File size 1.8 MB ( 1923584 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows screen saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-09-09 18:55:18 UTC ( 3 years, 3 months ago )
Last submission 2017-08-04 16:06:24 UTC ( 1 year, 4 months ago )
File names nsrmf4032.exe
nsrmf4032.exe
NsR MultiFunction
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Searched windows
Runtime DLLs