home

nc.exe

Jernej Simoncic

Publisher:
Jernej Simoncic  (signed and verified)

MD5:
5dcf26e3fbce71902b0cd7c72c60545b

SHA-1:
970bbe298c8ec673fe2257ad6363d29942171fd1

SHA-256:
e8fbec25db4f9d95b5e8f41cca51a4b32be8674a4dea7a45b6f7aeb22dbc38db

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 4:07:39 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/RemoteAdmin.NetCat.AD (variant)
8.9289

Trend Micro House Call
HKTL_NETCAT
7.2.15

Trend Micro
HKTL_NETCAT
10.465.15

File size:
37.7 KB (38,616 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\nc.exe

Digital Signature
Signed by:
Jernej Simoncic

Authority:
GlobalSign nv-sa

Valid from:
6/10/2011 4:37:33 PM

Valid to:
6/10/2012 3:56:30 PM

Subject:
CN=Jernej Simoncic, C=SI

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001307A27872D

File PE Metadata
Compilation timestamp:
9/17/2011 12:46:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.21

CTPH (ssdeep):
768:mucfgSLKkEXRYxLKlVMGmmkn2TocrC+q4rPBn:vcfpKkEqKlGGmjwTrC+q4rPBn

Entry address:
0x1290

Entry point:
55, 89, E5, 83, EC, 18, C7, 04, 24, 01, 00, 00, 00, FF, 15, DC, B2, 40, 00, E8, 58, FD, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 18, C7, 04, 24, 02, 00, 00, 00, FF, 15, DC, B2, 40, 00, E8, 38, FD, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, A1, 08, B3, 40, 00, C9, FF, E0, 66, 90, 55, 89, E5, 83, EC, 08, A1, F0, B2, 40, 00, C9, FF, E0, 90, 90, 55, 89, E5, 83, EC, 18, A1, 58, 70, 40, 00, 85, C0, 74, 3A, C7, 04, 24, 00, 80, 40, 00, E8, 61, 43, 00, 00, 89, C2, 83, EC, 04...
 
[+]

Entropy:
6.2775

Code size:
21 KB (21,504 bytes)

Scan nc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.