Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 03:09
config.exe
09.22 03:09
game.exe
09.22 03:09
svchost.exe
09.22 03:09
66eef0d7ec94e_vrewgh12...
09.22 03:09
66eef0cc8034a_sdgdfs.exe
09.22 03:09
qq-1950222243-x%e2%80%...
09.22 03:09
nate.exe
09.22 03:09
66eef0d27af21_vfdsgfd.exe
09.22 03:09
Autoupdate.exe
09.22 03:09
feelniceforgivenmegrea...

Latest News
09.22 03:09
탈레스, 양자 시대 보안위협 대비 사이버...
09.22 02:09
디지서트, 디지털 신뢰 분야 글로벌 선도...
09.22 02:09
넷앤드, 시스템 접근통제 및 계정관리 분...
09.22 02:09
FreeCAD is Near 1.0
09.22 02:09
토큰증권 플랫폼 펀블, ‘현대테라타워DM...
09.22 12:09
[PASCON 2024-리뷰] 굿모닝아이...
09.22 12:09
[PASCON 2024-강연] 박나룡 소...
09.22 12:09
2024-09-19 - File down...
09.22 11:09
The Surprising Effects...
09.22 10:09
두리코스 댕기머리, 중국인 300만 명이...

Summary | ZeroBOX

rundll322.exe

PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6402	March 26, 2022, 7:14 p.m.	March 26, 2022, 7:18 p.m.

Size	32.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a5dd94434c702493d4577e966134b303`
SHA256	`a26f4219815c297c705060b77595ef76e35e9e2bedbeb5afb3357cdc5ba2717f`
CRC32	`925D4409`
ssdeep	`384:ovAw66vILDbNRhbHeJh8+oXBjxJd5IyYQGSbdkDjkoebjDISVjNW8SCW0:ovAOQbSEln5IyYpamDjobj8ShSA`
PDB Path	rundll32.pdb
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description)

rundll322.exe "C:\Users\test22\AppData\Local\Temp\rundll322.exe"
1860

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

rundll32.pdb

Foreign language identified in PE resource (14 events)

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00009a28

size

0x00000468

name

RT_STRING

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a024

size

0x00000058

name

RT_STRING

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a024

size

0x00000058

name

RT_STRING

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a024

size

0x00000058

name

RT_STRING

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a024

size

0x00000058

name

RT_GROUP_ICON

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a07c

size

0x00000076

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x0000a0f4

size

0x00000390