home

netcut.exe

Arcai.com's NetCut

Arcai.com

Publisher:
Arcai.com

Product:
Arcai.com's NetCut

Description:
NetCut Arp Spoof Application

Version:
2.0.9

MD5:
95812f70cf51d8c13d5f85c402af4118

SHA-1:
b50edbc1d7ec3b15a7c327d3c612d1eb40f5cf13

SHA-256:
e6da243d629032459b6c64056b150ebeb8363e256f674569f958f8f717311e82

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/20/2024 3:21:14 PM UTC  (today)

Scan engine
Detection
Engine version

Fortinet FortiGate
HackerTool/Netcut
12/24/2013

File size:
812 KB (831,488 bytes)

Product version:
2.0.9

Copyright:
(C) <Arcai.com> All right reserved

Original file name:
netcut.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\netcut\netcut.exe

File PE Metadata
Compilation timestamp:
5/14/2011 4:53:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:kFooqSVNNf1kb5io15FTXT6Sf8LPloawsSnd0CzL/qVwCP7oa72mL/IyzL/uTe:B2f1EFTjEP2XsSnicqOQo2AyzL/9

Entry address:
0x4568E

Entry point:
E8, F5, B1, 00, 00, E9, 16, FE, FF, FF, FF, 35, F4, 8B, 47, 00, E8, 83, 49, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, 9E, 8C, 00, 00, 6A, 01, 6A, 00, E8, 55, B3, 00, 00, 83, C4, 0C, E9, 5A, B2, 00, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, D4, 4C, 47, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, D4...
 
[+]

Entropy:
6.0627

Code size:
372 KB (380,928 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to li682-165.members.linode.com  (23.239.9.165:80)

Scan netcut.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.