Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

nekonoelle...an.zip

windows7-x64

1

nekonoelle...an.zip

windows10-2004-x64

1

NekoNoelle...le.ini

windows7-x64

1

NekoNoelle...le.ini

windows10-2004-x64

1

NekoNoelle...nd.buf

windows7-x64

3

NekoNoelle...nd.buf

windows10-2004-x64

3

NekoNoelle...ody.ib

windows7-x64

3

NekoNoelle...ody.ib

windows10-2004-x64

3

NekoNoelle...se.dds

windows7-x64

3

NekoNoelle...se.dds

windows10-2004-x64

3

NekoNoelle...ap.dds

windows7-x64

3

NekoNoelle...ap.dds

windows10-2004-x64

3

NekoNoelle...ess.ib

windows7-x64

3

NekoNoelle...ess.ib

windows10-2004-x64

3

NekoNoelle...se.dds

windows7-x64

3

NekoNoelle...se.dds

windows10-2004-x64

3

NekoNoelle...ap.dds

windows7-x64

3

NekoNoelle...ap.dds

windows10-2004-x64

3

NekoNoelle...se.dds

windows7-x64

3

NekoNoelle...se.dds

windows10-2004-x64

3

NekoNoelle...ead.ib

windows7-x64

3

NekoNoelle...ead.ib

windows10-2004-x64

3

NekoNoelle...se.dds

windows7-x64

3

NekoNoelle...se.dds

windows10-2004-x64

3

NekoNoelle...ap.dds

windows7-x64

3

NekoNoelle...ap.dds

windows10-2004-x64

3

NekoNoelle...on.buf

windows7-x64

3

NekoNoelle...on.buf

windows10-2004-x64

3

NekoNoelle...rd.buf

windows7-x64

3

NekoNoelle...rd.buf

windows10-2004-x64

3

NekoNoelle...le.ini

windows7-x64

1

NekoNoelle...le.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    106s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/05/2023, 20:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBodyDiffuse.dds

  • Size

    1.0MB

  • MD5

    57bb79473f6eb0675c4f87708b2c2fe3

  • SHA1

    5a10b25b1c12bdc6a9857f02dd223fe06259336d

  • SHA256

    7d569fab888751b87f7ab6c195556d7aab263c82e6af84f31a006d65ff55cad5

  • SHA512

    dc8ed24adc8fad95dc3f671ea68456c6076deb2fa3c936ec7fc625a7cbb48cd37daf550815fc65c9ed9bfe4c9901fd06f995595f99a2a707015cea8828110068

  • SSDEEP

    12288:oZp5BNDPvBsVIGCtDLFAgdO3ucBn6r7D0M7po0l1:oVDnBvxRbO3uKnW7u0l1

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\NekoNoelle[1.0.3] by Nerujikan\NekoNoelle\NoelleBodyDiffuse.dds"
    1⤵
      PID:4476

    Network

    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      126.138.241.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      126.138.241.8.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      97.17.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      97.17.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      233.141.123.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      233.141.123.20.in-addr.arpa
      IN PTR
      Response
    • 20.189.173.7:443
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 173.223.113.164:443
      322 B
       7
    • 204.79.197.203:80
      322 B
       7
    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      50.23.12.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      50.23.12.20.in-addr.arpa

    • 8.8.8.8:53
      196.249.167.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      196.249.167.52.in-addr.arpa

    • 8.8.8.8:53
      126.138.241.8.in-addr.arpa
      dns
      72 B
       126 B
       1
      1

      DNS Request

      126.138.241.8.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      97.17.167.52.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      97.17.167.52.in-addr.arpa

    • 8.8.8.8:53
      233.141.123.20.in-addr.arpa
      dns
      73 B
       159 B
       1
      1

      DNS Request

      233.141.123.20.in-addr.arpa

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.