Gridinsoft Logo

The NisSrv.exe (Microsoft Network Realtime Inspection Service) File Analysis

Updated 2 months ago
Checked by Malaware Check
NisSrv.exe

Technical Analysis

File Name NisSrv.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.210.174
Database Version 2025-03-12 22:00:46 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
4,352,456
File Size (bytes)
2025-03-12
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
41ed1ed976e561d037bb1cd8fda35d1c
SHA1
609c6c2a2c5ffb1b9dc7355302f22883428145f3
SHA256
5f3608975cf4c1891237a13c79e0dd5204e110b9417a343680da2c052d219095
SHA512
e0c4e037b0ebe153873ae16d169a96a4b0a8f826f1be2f5f33417abdebe7ec814c3e5f718b4016617d087c4f27203d53d191babc2b0c2bffe89a8968916f2eb4
ImpHash
b539d4c40b6cc0831db39b8e23788631

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140270a90
Compilation Time 2089-10-28 00:25:31
Checksum 0x00429475 (Actual: 0x00429475)
OS Version 10.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path NisSrv.pdb
Digital Signature OK
Imports 6 libraries
MpClient, ntdll, KERNEL32, ADVAPI32, USER32, DNSAPI
Exports 0 functions
Resources 2 Resources
Sections 7 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft Network Realtime Inspection Service
InternalName NisSrv.exe
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename NisSrv.exe
ProductName Microsoft® Windows® Operating System
FileVersion 4.18.25010.11 (ec83cf58421ec327ad0aa75c31d55d275c486140)
ProductVersion 4.18.25010.11
PrivateBuild GitEnlistment(ContainerAdministrator)
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 2,826,396 bytes 2,830,336 bytes 6.35 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 60D12E34813C9F8B5DCFA24CC180DC2A
.rdata 0x002b4000 685,698 bytes 688,128 bytes 4.94 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4AB4C76D54D1DD287ABC5A03A94D0B95
.data 0x0035c000 724,892 bytes 638,976 bytes 5.01 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 23F5658F3CB7223F77B321AD58CDF8B7
.pdata 0x0040d000 102,552 bytes 106,496 bytes 6.11 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6C1A66F9DCFEE7A7A50104987D9108AB
.didat 0x00427000 496 bytes 4,096 bytes 0.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 77E74FC6288D81C284A9CAB522BA03E4
.rsrc 0x00428000 2,216 bytes 4,096 bytes 3.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 03DF7E211B698D47CE38B0D293614D1F
.reloc 0x00429000 26,640 bytes 28,672 bytes 5.31 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 2AC980A6EE910D8FE7D8C4A306DED2D5

Resource Analysis

Total Resources: 2 (2,056 bytes)
Resource Type Count Total Size Percentage
RT_VERSION 1 1,104 bytes
53.7%
RT_MANIFEST 1 952 bytes
46.3%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Microsoft Network Realtime Inspection Service
File Version 4.18.25010.11 (ec83cf58421ec327ad0aa75c31d55d275c486140)
Original Name NisSrv.exe
Signing Date 09:19 PM 02/28/2025 (98 days ago)
Verification Status Signed
Signers Microsoft Windows Publisher; Microsoft Windows Production PCA 2011; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name NisSrv.exe
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Windows Publisher #1 Primary
Validity Period: 2024-11-14 23:56:46 → 2025-11-12 23:56:46
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 04 C8 51 7D 2E 95 BD D5 88 BE 00 00 00 00 04 C8
Microsoft Windows Production PCA 2011 #2 Chain
Validity Period: 2011-10-19 18:41:42 → 2026-10-19 18:51:42
Signature Algorithm: sha256RSA
Serial Number: 61 07 76 56 00 00 00 00 00 08
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2025-01-30 19:42:53 → 2026-04-22 19:42:53
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 08 78 9D 58 5D 92 C7 D9 52 00 01 00 00 02 08
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware