Examples of nbiz include:
Example 1
File Information
- Size
- 324K
- SHA-1
- 0069cc31d0b6ad7ab52021bd9eca6ba53b378ca3
- MD5
- 4af9454fbd4af1ed944e0d2a3f956057
- CRC-32
- 63893fc3
- File type
- Windows executable
- First seen
- 2011-02-25
Runtime Analysis
Registry Keys Created
- HKCU\Software\InfoTab
- version
- 1.0.1.3
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- InfoTab
- C:\Program Files\InfoTab\InfoTab.exe
Processes Created
- c:\program files\infotab\infotab.exe
- c:\windows\system32\regsvr32.exe
HTTP Requests
- http://infotab.co.kr/install.asp
- http://infotab.co.kr/update/IF82/PlusTab.ini
DNS Requests
Example 2
File Information
- Size
- 99K
- SHA-1
- 009314876879ac9114a26369fe8eb2b51eb0d3ef
- MD5
- 3d949e322c7420cbabaa3a0749f65e00
- CRC-32
- b5121b89
- File type
- application/x-ms-dos-executable
- First seen
- 2011-11-09
Runtime Analysis
Processes Created
- c:\windows\system32\cmd.exe
HTTP Requests
- http://postip.sidetab.co.kr/update//PostTip.ini
DNS Requests
Example 3
File Information
- Size
- 362K
- SHA-1
- 042f99582fb532f06f00bd4a4c887dde2adea876
- MD5
- b317dd53270f2d10949a660b0312d6c2
- CRC-32
- 3074c54b
- File type
- application/x-ms-dos-executable
- First seen
- 2011-03-23
Runtime Analysis
Dropped Files
- C:\Program Files\PlusTab\PlusTab.exe
- Size
- 305K
- SHA-1
- 3f24cf5ca271042917017aa27345b91b010a913b
- MD5
- 140783af9a783b2e3ff02997fdefeb1e
- CRC-32
- d907c645
- File type
- Windows executable
- First seen
- 2010-12-30
- C:\Program Files\PlusTab\uninstall.exe
- Size
- 299K
- SHA-1
- 6772750034436e9b3149c4bbb3ebac01f8fd2ab8
- MD5
- 015dd763415444a6ad222c048c5ab8c4
- CRC-32
- 1910e96e
- File type
- Windows executable
- First seen
- 2010-12-31
- C:\Program Files\PlusTab\adc.dll
- Size
- 29K
- SHA-1
- 43fc8d495094efcbccf276e6df0474485515f382
- MD5
- e3f6ee7d4bff934b35d0e1c612446f7d
- CRC-32
- f062eb3f
- File type
- Windows executable
- First seen
- 2010-12-30
- C:\Program Files\PlusTab\PlusTab.dll
- Size
- 215K
- SHA-1
- d31942add5a3e198f73006570dd969cda6d26b21
- MD5
- fa514fe55d82b4a23794c09ebc0f781e
- CRC-32
- 86b4b8b7
- File type
- Windows executable
- First seen
- 2010-12-30
Registry Keys Created
- HKCR\TypeLib\{6B68F6D2-4BA9-4E20-85FD-8CABE815C751}\1.0\HELPDIR
- (Default)
- C:\Program Files\PlusTab
- HKCR\TypeLib\{6B68F6D2-4BA9-4E20-85FD-8CABE815C751}\1.0\FLAGS
- (Default)
- HKCR\CLSID\{4D367733-AFF9-4943-9757-D37DAD8F33EB}
- AppID
- {F31C050C-48AF-4026-8DC7-57E72044DA2E}
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- PlusTab
- C:\Program Files\PlusTab\PlusTab.exe
- HKCR\PlusTab.PlusTabCtl.1
- (Default)
- PlusTabCtl Class
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlusTab
- DisplayName
- PlusTab
- HKCR\PlusTab.PlusTabCtl
- (Default)
- PlusTabCtl Class
- HKCR\Interface\{61D82F4D-F0D5-4B2E-BAAA-D338EF90C8E7}\ProxyStubClsid32
- (Default)
- {00020424-0000-0000-C000-000000000046}
- HKCU\Software\PlusTab
- version
- 1.0.0.3
- HKCR\TypeLib\{6B68F6D2-4BA9-4E20-85FD-8CABE815C751}\1.0
- (Default)
- PlusTab 1.0 □□□ □□□□□□□
- HKCR\CLSID\{4D367733-AFF9-4943-9757-D37DAD8F33EB}\VersionIndependentProgID
- (Default)
- PlusTab.PlusTabCtl
- HKCR\Interface\{61D82F4D-F0D5-4B2E-BAAA-D338EF90C8E7}\TypeLib
- Version
- 1.0
- HKCR\Interface\{61D82F4D-F0D5-4B2E-BAAA-D338EF90C8E7}\ProxyStubClsid
- (Default)
- {00020424-0000-0000-C000-000000000046}
- HKCR\AppID\{F31C050C-48AF-4026-8DC7-57E72044DA2E}
- (Default)
- PlusTab
- HKCR\PlusTab.PlusTabCtl.1\CLSID
- (Default)
- {4D367733-AFF9-4943-9757-D37DAD8F33EB}
Processes Created
- c:\program files\plustab\plustab.exe
- c:\windows\system32\cmd.exe
- c:\windows\system32\regsvr32.exe
HTTP Requests
- http://plustab.co.kr/install.asp
- http://plustab.co.kr/update/PT54/PlusTab.ini
DNS Requests