4fd2c1eae57bd4a78c3b34b93652b1ef54307a8ca58a751e2ab50eb3199b764a

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

nekonoelle...an.zip

windows7-x64

nekonoelle...an.zip

windows10-2004-x64

NekoNoelle...le.ini

windows7-x64

NekoNoelle...le.ini

windows10-2004-x64

NekoNoelle...nd.buf

windows7-x64

NekoNoelle...nd.buf

windows10-2004-x64

NekoNoelle...ody.ib

windows7-x64

NekoNoelle...ody.ib

windows10-2004-x64

NekoNoelle...se.dds

windows7-x64

NekoNoelle...se.dds

windows10-2004-x64

NekoNoelle...ap.dds

windows7-x64

NekoNoelle...ap.dds

windows10-2004-x64

NekoNoelle...ess.ib

windows7-x64

NekoNoelle...ess.ib

windows10-2004-x64

NekoNoelle...se.dds

windows7-x64

NekoNoelle...se.dds

windows10-2004-x64

NekoNoelle...ap.dds

windows7-x64

NekoNoelle...ap.dds

windows10-2004-x64

NekoNoelle...se.dds

windows7-x64

NekoNoelle...se.dds

windows10-2004-x64

NekoNoelle...ead.ib

windows7-x64

NekoNoelle...ead.ib

windows10-2004-x64

NekoNoelle...se.dds

windows7-x64

NekoNoelle...se.dds

windows10-2004-x64

NekoNoelle...ap.dds

windows7-x64

NekoNoelle...ap.dds

windows10-2004-x64

NekoNoelle...on.buf

windows7-x64

NekoNoelle...on.buf

windows10-2004-x64

NekoNoelle...rd.buf

windows7-x64

NekoNoelle...rd.buf

windows10-2004-x64

NekoNoelle...le.ini

windows7-x64

NekoNoelle...le.ini

windows10-2004-x64

Analysis

max time kernel
135s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2023, 20:02

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

nekonoelle_103_by_nerujikan.zip

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

nekonoelle_103_by_nerujikan.zip

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/DISABLEDNoelle.ini

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/DISABLEDNoelle.ini

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBlend.buf

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBlend.buf

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBody.ib

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBody.ib

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBodyDiffuse.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBodyDiffuse.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBodyLightMap.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleBodyLightMap.dds

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDress.ib

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDress.ib

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDressDiffuse.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral16

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDressDiffuse.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDressLightMap.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleDressLightMap.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleFaceHeadDiffuse.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleFaceHeadDiffuse.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHead.ib

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHead.ib

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHeadDiffuse.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral24

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHeadDiffuse.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHeadLightMap.dds

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral26

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHeadLightMap.dds

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoellePosition.buf

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoellePosition.buf

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleTexcoord.buf

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral30

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleTexcoord.buf

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle2/DISABLEDNoelle.ini

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle2/DISABLEDNoelle.ini

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

NekoNoelle[1.0.3] by Nerujikan/NekoNoelle/NoelleHeadDiffuse.dds
Size

1.0MB
MD5

817cc0e250ef57d043e377a4fc5a3247
SHA1

880efabccf133b9c76eeb4f5c71b9b99477c0850
SHA256

4df09d18e3310e8236c6dc5edc4d2622b1f4ba080504e0b857b4f8796ced0db8
SHA512

47eb426ef97a6aa907b7dacd05651387efc1685e6083b72ac195caf066879c96f32e0c2b12521b8beeda651245f5762b032f274a448226440d61d128cb5d437c
SSDEEP

12288:0sRlM12YMgVj9pqze5oTDDypXM/NjiW7Gven3kPAXKif36I5PDXFwyOoJ3lPbGtj:0MzHDbUlivD1fO03XDzlQpvTNKHDCFT

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\NekoNoelle[1.0.3] by Nerujikan\NekoNoelle\NoelleHeadDiffuse.dds"
1⤵
PID:5088

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads