Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	April 30, 2024, 7:32 a.m.	April 30, 2024, 7:34 a.m.

Size	60.0KB
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`a5a74d73fbf4a6f0b75f074de316277e`
SHA256	`4f46ef9f5543cd4ca10f4908886e78dccf77b66e5ede7de8e6ec59148309b88b`
CRC32	`B12512D7`
ssdeep	`1536:fN73r1u2oMdLz3e/wqBXG50ekkAQXRZl:fB3r8y3e4qBXUjZl`
PDB Path	c:\netcat\Release\netcat.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature NMap - NMAP IsPE32 - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Time & API	Arguments	Status	Return	Repeated
WriteConsoleA April 30, 2024, 7:32 a.m.	buffer: Cmd line: console_handle: 0x0000000b	1	1	0

pdb_path

c:\netcat\Release\netcat.pdb

Bkav	W32.AIDetectMalware
Lionic	Riskware.Win32.NetCat.1!c
CAT-QuickHeal	Trojan.GenericPMF.S519521
Skyhigh	Tool-NetCat.g
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.ins
K7GW	Unwanted-Program ( 004a8e8a1 )
K7AntiVirus	Unwanted-Program ( 004a8e8a1 )
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/RemoteAdmin.NetCat.AB potentially unsafe
McAfee	Tool-NetCat.g
Avast	FileRepMalware [PUP]
Kaspersky	not-a-virus:HEUR:NetTool.Win32.NetCat.gen
NANO-Antivirus	Riskware.Win32.NetCat.bdjcw
Rising	HackTool.NetCat!1.BBDD (CLASSIC)
DrWeb	Tool.Netcat
Zillya	Backdoor.Swrort.Win32.409
TrendMicro	HackTool.Win32.Netcat.SM
FireEye	Generic.mg.a5a74d73fbf4a6f0
Sophos	NetCat (PUA)
Jiangmin	RemoteAdmin.NetCat.av
Webroot	W32.HackTool.Gen
Google	Detected
Antiy-AVL	Trojan[RemoteAdmin]/Win32.NetCat
Kingsoft	malware.kb.a.992
Xcitium	Malware@#2dvdauwhvkdjy
Microsoft	HackTool:Win32/NetCatTool!MTB
ZoneAlarm	not-a-virus:HEUR:NetTool.Win32.NetCat.gen
Varist	W32/Tool.ACIZ-5446
AhnLab-V3	Win-AppCare/Xema.61440.M
DeepInstinct	MALICIOUS
VBA32	Backdoor.Swrort
Malwarebytes	Generic.Malware.AI.DDS
Panda	HackTool/NetCat.A
Yandex	Trojan.GenAsa!A4aPacTnkXA
Fortinet	Riskware/NetCat
AVG	FileRepMalware [PUP]
alibabacloud	Hacktool:Win/RemoteAdmin.NylLqj

nc.exe