nod1E3056AC.dll.nup.raw file report

MD5 fb9392e70b49f989b7b835ad2f7e7b97
Latest seen 2024-06-02 23:01:38 (2 years ago)
First seen 2024-06-02 23:01:38 (2 years ago)
Size 58 MB
Publisher ESET
Product ESET Security
Signed by ESET, spol. s r.o.

Why it matters

Evidence available for this file

Detection

Latest status is clean for this hash.

Timeline

First seen 2024-06-02 23:01:38 (2 years ago); latest analysis 2024-06-02 23:01:38 (2 years ago).

Publisher context

Company metadata: ESET. Product metadata: ESET Security.

Digital signature

Signed by ESET, spol. s r.o.. ThreatInfo marks this publisher as trusted for this record.

Observed locations

ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.

Recommended action

What to do next

  1. Confirm the hash and publisher match the expected software.
  2. Review the observed locations and signature information below.
  3. Rescan if the file was downloaded from an unknown source or appears in an unusual path.

File context

nod1E3056AC.dll.nup.raw is a Windows file recorded in the ThreatInfo database. It is associated with ESET Security. The reported company name is ESET. The current detection status is Clean, based on the latest analysis from 2024-06-02 23:01:38 (2 years ago).

This record is currently marked as clean, but file reputation can depend on the exact path, hash, and source. Compare the MD5 and publisher data below with the file on your system.

File Details

Product Name: ESET Security
Company Name: ESET
MD5: fb9392e70b49f989b7b835ad2f7e7b97
Size: 58 MB
First Published: 2024-06-02 23:01:38 (2 years ago)
Latest Published: 2024-06-02 23:01:38 (2 years ago)
Status: Clean (on last analysis)
Analysis Date: 2024-06-02 23:01:38 (2 years ago)

Overview

Signed By: ESET, spol. s r.o.
Status: Trusted Publisher

ThreatInfo marks this publisher as trusted for this record, but the file hash and source should still match the expected software distribution.

Common Places:

%commonappdata%\eset\eset security\updfiles

ThreatInfo has observed nod1E3056AC.dll.nup.raw in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.

Geography:

100.0%

The strongest geographic signal for this file is The Netherlands with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.

OS Version:

Windows 10 100.0%

The most common operating system signal for nod1E3056AC.dll.nup.raw is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

Analysis

nod1E3056AC.dll.nup.raw is identified as pe for 64 systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000180000000
Entry Address: 0x00001070

PE Sections:

Name Size of data MD5
.text 2560 0975004cfe5ffa6c10aa0666ce8b2a98
.rdata 1024 54feaa33f1579d317e9ff795c11c527c
.data 512 14ccaa13d64795dcd2cff9b581ac828d
.pdata 512 71798e2899ebbecc9cf3d245ab05209f
.rsrc 61831168 9bd52aa0915ec27a896cfc8e6c18b828
.reloc 512 9c8a25b2a113fafffa640116cfe6b9b4

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

More information:

Search on Virustotal
copyright for information about nod1E3056AC.dll.nup.raw