| Category | Machine | Started | Completed |
|---|---|---|---|
| ARCHIVE | s1_win7_x6402 | Oct. 13, 2023, 1:01 a.m. | Oct. 13, 2023, 1:02 a.m. |
Archive LBB_Rundll32_pass.dll @ LBB_AEV-iledefrance.fr_05A8F2993F873622_12.08.23_aev_iledefrance.zip
Summary
| Size | 154.0KB |
|---|---|
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 7a19d7814274b8d46f79369bdbf21626 |
| SHA1 | e491f09b796cfb786953b035dabf427699bb67e1 |
| SHA256 | b7f3e66d721f42af5ec1bb9e5c6f7e5a553e2a23cc2829fdfc544c93f75240a5 |
| SHA512 |
43f6155073660303c8bfa32459bc3e4649e4efe42d5194b52e1d7fc643dfda29c8b4ad07ee4813e7deb6b23b591c5de35794da47a743c2f3f9baefabdee9a1bb
|
| CRC32 | 74EE18A2 |
| ssdeep | 3072:s/PwuVtSZ7I77S97NBOfKJt+u6u/IXWPQwHhRpRCsoeBnA1uWmcDaCyu+FP:s/P67Iv0afKJH66IXGQ/socA1IPuc |
| Yara |
|
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .itext |
| section | {u'size_of_data': u'0x00017600', u'virtual_address': u'0x00001000', u'entropy': 7.997791842534422, u'name': u'.text', u'virtual_size': u'0x00017564'} | entropy | 7.99779184253 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x0000a000', u'virtual_address': u'0x0001b000', u'entropy': 7.995571390595756, u'name': u'.data', u'virtual_size': u'0x0000ad34'} | entropy | 7.9955713906 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00004000', u'virtual_address': u'0x00026000', u'entropy': 7.98967204419482, u'name': u'.pdata', u'virtual_size': u'0x00003e2b'} | entropy | 7.98967204419 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.977124183007 | description | Overall entropy of this PE file is high | |||||||||||