Overview

overview

8

Static

static

3

nmap-7.93-setup.exe

windows10-2004-x64

8

Uninstall.exe

windows10-2004-x64

4

libcrypto-3.dll

windows10-2004-x64

3

libssh2.dll

windows10-2004-x64

3

libssl-3.dll

windows10-2004-x64

1

ncat.exe

windows10-2004-x64

1

ndiff.exe

windows10-2004-x64

1

nmap.exe

windows10-2004-x64

1

nping.exe

windows10-2004-x64

1

nse_main.js

windows10-2004-x64

1

nselib/afp.js

windows10-2004-x64

1

nselib/ajp.js

windows10-2004-x64

1

nselib/amqp.js

windows10-2004-x64

1

nselib/anyconnect.js

windows10-2004-x64

1

nselib/asn1.js

windows10-2004-x64

1

nselib/base32.js

windows10-2004-x64

1

nselib/base64.js

windows10-2004-x64

1

nselib/bitcoin.js

windows10-2004-x64

1

nselib/bittorrent.js

windows10-2004-x64

1

nselib/bjnp.js

windows10-2004-x64

1

nselib/brute.js

windows10-2004-x64

1

nselib/coap.js

windows10-2004-x64

1

nselib/comm.js

windows10-2004-x64

1

nselib/creds.js

windows10-2004-x64

1

nselib/cvs.js

windows10-2004-x64

1

nselib/dat...nts.js

windows10-2004-x64

1

nselib/dat...nts.js

windows10-2004-x64

1

nselib/dat...cis.js

windows10-2004-x64

1

nselib/dat...ers.js

windows10-2004-x64

1

nselib/datafiles.js

windows10-2004-x64

1

zenmap.exe

windows10-2004-x64

3

zlibwapi.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-02-2024 21:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ndiff.exe

  • Size

    30KB

  • MD5

    641c20acd8719456d1480ac90122d5ee

  • SHA1

    95ba489a1c112589ad695b8c96f6569e6665ac08

  • SHA256

    0ba1295afc0e5205541777ff5bd565e46ab40c5b9c4f425bbfceb800d306d8cd

  • SHA512

    7473e0ea9345dce9d93ee4074da1537c8cd39813774a3776c99e796b3c8d90ec1e9c8c26924dee588e08f7fa27e59452add51635e9e68c214df3ac8cca25c7a5

  • SSDEEP

    384:yYn2vPeqUfmEZ+nUn0fJCfMdXWgugoL2R3dwmgo6rEqZmZsHLsL4i/8E9VF0NyX7:yxPeqYmEb0kUX1dwzrV1aeE1

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\ndiff.exe
    "C:\Users\Admin\AppData\Local\Temp\ndiff.exe"
    1⤵
      PID:5004

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads