Gridinsoft Logo

The nc64.exe File Analysis

Updated 1 month ago
Checked by Malware Check
nc64.exe

Technical Analysis

File Name nc64.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
SSDEEP Hash
768:gaGHu/aKUAvRCXA/e6PfVVCJrxg/KKjMozd6jSemG0nf2Fcc5C+qLaVp:CuSzAvRCxmNVCgi+IjNmDO15C+qLaVp
Scanner Version 1.0.229.174
Database Version 2025-11-28 20:00:31 UTC

Suspicious File Detected

Detected by 28 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
39%
Detection Rate
45,272
File Size (bytes)
28/71
Engines Detected
2025-11-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
523613a7b9dfa398cbd5ebd2dd0f4f38
SHA1
3e92f697d642d68bb766cc93e3130b36b2da2bab
SHA256
3e59379f585ebf0becb6b4e06d0fbbf806de28a4bb256e837b4555f1b4245571
SHA512
2ca42e21ebc26233c3822851d9fc82f950186820e10d3601c92b648415eb720f0e1a3a6d9d296497a3393a939a9424c47b1e5eaedfd864f96e3ab8986f6b35b5
ImpHash
567531f08180ab3963b70889578118a3

Security Engines with Detections (28 of 71)

Bkav
W32.Common.2180BEFE Malicious
Elastic
malicious (high confidence) Malicious
Cynet
Malicious (score: 100) Malicious
CAT-QuickHeal
HackTool.Netcat.E1 Malicious
ALYac
Misc.HackTool.NetCat Malicious
Cylance
unsafe Malicious
Symantec
Trojan Horse Malicious
ESET-NOD32
a variant of Win64/RemoteAdmin.NetCat.A potentially unsafe Malicious
Kaspersky
not-a-virus:RemoteAdmin.Win32.NetCat.bnr Malicious
TrendMicro
HackTool.Win64.NETCAT.A Malicious
Sophos
NetCat (PUA) Malicious
Webroot
W32.Hacktool.Netcat Malicious
Varist
W64/NetCat.A.gen!Eldorado Malicious
Antiy-AVL
RiskWare[RemoteAdmin]/Win32.NetCat Malicious
Kingsoft
Win32.Troj.Generic.v Malicious
ViRobot
HackTool.Agent.45272 Malicious
ZoneAlarm
not-a-virus:RemoteAdmin.Win32.NetCat.bnr Malicious
Google
Detected Malicious
AhnLab-V3
HackTool/Win.Netcat.C5283500 Malicious
Malwarebytes
RiskWare.NetCat Malicious
Panda
Hacktool/Netcat Malicious
TrendMicro-HouseCall
HackTool.Win64.NETCAT.A Malicious
Tencent
Malware.Win32.Gencirc.10be95be Malicious
Yandex
Riskware.RemoteAdmin!dALKdVU+LqQ Malicious
Ikarus
PUA.Netcat Malicious
MaxSecure
Trojan.Malware.73885908.susgen Malicious
Fortinet
Riskware/NetCat Malicious
DeepInstinct
MALICIOUS Malicious
43 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x00400000
Entry Point 0x00401710
Compilation Time 2011-09-16 22:46:10
Checksum 0x0000ef39 (Actual: 0x0000ef39)
OS Version 4.0
PEiD Signatures PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Digital Signature OK
Imports 3 libraries
KERNEL32, msvcrt, WSOCK32
Exports 0 functions
Resources 0 Resources
Sections 7 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 26,112 bytes 26,112 bytes 5.90 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES E2B1CD470AC63D157E4C65E232C07ADF
.data 0x00008000 240 bytes 512 bytes 1.62 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_16BYTES C5407141C3FDBDFF8172A329E9384D18
.rdata 0x00009000 4,624 bytes 5,120 bytes 5.01 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_16BYTES 57E82D7C7851E8632411901E03BA61BE
.bss 0x0000b000 3,072 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES D41D8CD98F00B204E9800998ECF8427E
.idata 0x0000c000 4,400 bytes 4,608 bytes 3.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_4BYTES D2A0F7D3008F5D537376C1A482DCB11E
.CRT 0x0000e000 104 bytes 512 bytes 0.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_8BYTES 58729826ACCB6B45D872788E51AD82C7
.tls 0x0000f000 72 bytes 512 bytes 0.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE|IMAGE_SCN_ALIGN_32BYTES 87BD9ED859278120552D9CD12F0AB113

Certificate Chain Analysis

Certificate Information
Signing Date 10:52 PM 09/16/2011 (5228 days ago)
Verification Status Signed
Signers Jernej Simoncic; GlobalSign ObjectSign CA; GlobalSign Primary Object Publishing CA; GlobalSign Root CA - R1
Counter Signers GlobalSign Time Stamping Authority; GlobalSign Timestamping CA; GlobalSign Root CA - R1
Certificate Chain Summary
GlobalSign Primary Object Publishing CA #1 Primary
Validity Period: 1999-01-28 13:00:00 → 2017-01-27 12:00:00
Signature Algorithm: sha1RSA
Serial Number: 04 00 00 00 00 01 23 9E 0F AC B3
GlobalSign Timestamping CA #2 Chain
Validity Period: 2009-03-18 11:00:00 → 2028-01-28 12:00:00
Signature Algorithm: sha1RSA
Serial Number: 04 00 00 00 00 01 20 19 C1 90 66
GlobalSign Time Stamping Authority #3 Chain
Validity Period: 2009-12-21 09:32:56 → 2020-12-22 09:32:56
Signature Algorithm: sha1RSA
Serial Number: 01 00 00 00 00 01 25 B0 B4 CC 01
Jernej Simoncic #4 Chain
Validity Period: 2011-06-10 14:37:33 → 2012-06-10 13:56:30
Signature Algorithm: sha1RSA
Serial Number: 01 00 00 00 00 01 30 7A 27 87 2D
GlobalSign ObjectSign CA #5 Chain
Validity Period: 2004-01-22 10:00:00 → 2017-01-27 10:00:00
Signature Algorithm: sha1RSA
Serial Number: 04 00 00 00 00 01 23 9E 0F AF 24

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
28 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware