GridinSoft Threat Intelligence

nse9516.tmp threat report

Detected as PUP.Gen File reputation report

» File
File Details
Overview
Analysis

Status PUP.Gen

Identity d1ffe66908934ed3aee0797abdd75114

Source GridinSoft ThreatInfo

MD5 d1ffe66908934ed3aee0797abdd75114

Latest seen 2021-01-02 13:42:15 (5 years ago)

First seen 2017-05-21 06:06:22 (9 years ago)

Size 50 KB

Publisher Oppoos.com

Product Genie Wifi

Signed by LeCheng(beijing) Technology Development Co.Ltd.

Analyst brief

What this report says

GridinSoft Anti-Malware detects nse9516.tmp as PUP.Gen. The sample was last observed on 2021-01-02 13:42:15 (5 years ago) and reports publisher metadata associated with Oppoos.com / Genie Wifi. This detection belongs to the PUP report group, where related files are organized by family-level behavior and prevalence.

This page combines the detection verdict with file identity, publisher metadata, alternate names, observed paths, geography, OS signals, and PE details so the report reads as a triage record rather than a standalone download page.

GridinSoft Anti-Malware detection

Detected by GridinSoft before you download

The current ThreatInfo record shows this exact file hash detected as PUP.Gen. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.

Detection name: PUP.Gen
Recommended action: Scan and remove
Last analysis: 2021-01-02 13:42:15 (5 years ago)
File hash: d1ffe66908934ed3aee0797abdd75114

Download Anti-Malware

Why it matters

Why GridinSoft flags this file

Detection

GridinSoft identifies the sample as PUP.Gen, part of the PUP threat category.

Category context

Potentially unwanted programs, bundlers, installers, and utilities with intrusive behavior. Related PUP reports help compare this file with nearby detections, publishers, and hashes.

Timeline

First seen 2017-05-21 06:06:22 (9 years ago); latest analysis 2021-01-02 13:42:15 (5 years ago).

Publisher context

Company metadata: Oppoos.com. Product metadata: Genie Wifi.

Digital signature

Signed by LeCheng(beijing) Technology Development Co.Ltd.. The signature is reported as valid, but signed files can still be bundled or abused.

Aliases

This hash has appeared under multiple file names, which can happen with repackaging, bundling, or deliberate renaming.

Observed locations

ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.

Recommended action

What to do next

Compare the MD5 above with the file found on the device.
Check whether the file appears in the observed locations or under one of the alternate names.
Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present. Review the PUP category for related samples and common context.

File context

nse9516.tmp is a Windows file recorded in the ThreatInfo database. It is associated with Genie Wifi. The reported company name is Oppoos.com. The current detection status is PUP.Gen, based on the latest analysis from 2021-01-02 13:42:15 (5 years ago). ThreatInfo groups this verdict with PUP reports for broader family-level investigation.

If nse9516.tmp appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as PUP.Gen.

File Details

Main Info:

Product Name:	Genie Wifi
Company Name:	Oppoos.com
MD5:	d1ffe66908934ed3aee0797abdd75114
Size:	50 KB
First Published:	2017-05-21 06:06:22 (9 years ago)
Latest Published:	2021-01-02 13:42:15 (5 years ago)

Analysis:

Status:	PUP.Gen (on last analysis)
Analysis Date:	2021-01-02 13:42:15 (5 years ago)

Detection screenshot

The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.

Overview

Digital Signature

Signed By:	LeCheng(beijing) Technology Development Co.Ltd.
Status:	Valid

The signature on nse9516.tmp is reported as valid. A valid signature helps confirm publisher identity, but it does not automatically make the file safe if the installer was bundled, abused, or downloaded from an untrusted source.

Common Places:

%programfiles%\genie soft\genie wifi

%programfiles%\genie soft

%sysdrive%\windows.old\program files\genie soft

ThreatInfo has observed nse9516.tmp in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.

File Names:

108 observed names

nsm5544.tmp nsy762A.tmp GenieWifiService.exe nsc4D2E.tmp nsbC14F.tmp nsf7037.tmp nsq42FE.tmp nsf9871.tmp nsy61C6.tmp nsq9CFE.tmp nsk4E80.tmp nsk1778.tmp nsmFD46.tmp nsk3670.tmp nsv80C9.tmp nskFDCA.tmp nsb1171.tmp nsw5812.tmp nsc657A.tmp nsz630D.tmp nslD01.tmp nsxE34D.tmp nsy826C.tmp nsm1DEF.tmp nss51B2.tmp nspA22D.tmp nswB24C.tmp nssBCE0.tmp nsyD1E2.tmp nss7000.tmp nsk28BC.tmp nsdEDFB.tmp nsq797A.tmp nsg86C4.tmp nsv358B.tmp nsyFBA4.tmp nsm7D22.tmp nsv80B7.tmp nsv233F.tmp nsqED40.tmp nsb707B.tmp nss5EE.tmp nsu6EF4.tmp nse1DCE.tmp nsm16AE.tmp nsc5D24.tmp nspB41.tmp nsl833F.tmp nsiF174.tmp nse9908.tmp nsc6B52.tmp nsoEB78.tmp nsm7ED6.tmp nseDA0E.tmp nsm1CC8.tmp nsp22A7.tmp nszBFC3.tmp nsk2564.tmp nsuAC6C.tmp nsiA0FA.tmp nsg45BA.tmp nsqAAB4.tmp nsf23F3.tmp nsn1661.tmp nsh9BC5.tmp nsb8365.tmp nsy3A90.tmp nso774.tmp nsb90E1.tmp nszE40D.tmp nsrEBF5.tmp nse4858.tmp nsy6B40.tmp nsu2058.tmp nsn3EE7.tmp nsj7083.tmp nsxCB0F.tmp nsaE5E0.tmp nsv839B.tmp nsf93B9.tmp nsr7BE7.tmp nss2D40.tmp nsf5035.tmp nsi357C.tmp nsn75C7.tmp nslA0DD.tmp nslB187.tmp nsv53CB.tmp nsdC101.tmp nsg8FB6.tmp nsz300D.tmp nsa57EC.tmp nst5BCB.tmp nsgCCD4.tmp nsx73D1.tmp nsiA068.tmp nsu3170.tmp nsl61BB.tmp nscAC0.tmp nsnA03.tmp nsn6933.tmp nsa71AA.tmp nsy3F18.tmp nsjDCBD.tmp nsyF396.tmp nsb5657.tmp nse1946.tmp nse9516.tmp

This hash has been seen with multiple file names. Alternate names can appear when software is updated, copied between folders, packed by an installer, or deliberately renamed to avoid recognition. Compare the exact MD5 above before assuming two names refer to the same file.

Geographic signal

Observed country distribution

ThreatInfo has seen nse9516.tmp across 58 countries. Use this signal to compare local evidence with where the sample is most often reported.

Top country Taiwan

Share 18.6%

Low High activity

Top observed countries

18.6%

9.9%

6.8%

5.9%

5.3%

The strongest geographic signal for this file is Taiwan with 18.6% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.

OS Version:

Windows 7 47.4%

Windows 10 36.9%

Windows 8.1 6.9%

Windows XP 5.1%

Windows 8 3.3%

Windows Vista 0.3%

The most common operating system signal for nse9516.tmp is Windows 7 with 47.4% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

Analysis

PE Info:

nse9516.tmp is identified as pe for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Format pe

Architecture 32-bit

Subsystem Windows GUI

Entry point 0x000072cb

Image base 0x00400000

PE Sections:

Sections 5

Raw data 46592

Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.

.text 28672 bytes · 61.5% of section data

MD5 d22860c5f7e81f62ec8aaeb1a25d5930

.rdata 10752 bytes · 23.1% of section data

MD5 45ea546bdaf41d8508f4765279352fc9

.data 512 bytes · 1.1% of section data

MD5 2f4bacc2eb3c46db758084e2d1242fe3

.rsrc 3072 bytes · 6.6% of section data

MD5 b8977723e9131be717ff934095b966a9

.reloc 3584 bytes · 7.7% of section data

MD5 991699442cb4fbbe193730f73feb7de5

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

Report conclusion

GridinSoft detects this file as PUP.Gen

This report identifies nse9516.tmp by MD5 d1ffe66908934ed3aee0797abdd75114. It is part of the PUP report group. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.

Download GridinSoft Anti-Malware Scan the device and confirm whether this exact hash is present. Check this hash on VirusTotal

Recommended next steps

Compare the local file MD5 with d1ffe66908934ed3aee0797abdd75114.
Check the file path, publisher, and signature against the details in this report.
Run a GridinSoft scan and remove the object if the same hash is found. Use the PUP category to compare similar reports.