| Category | Machine | Started | Completed |
|---|---|---|---|
| ARCHIVE | s1_win7_x6403_us | June 7, 2024, 5:48 p.m. | June 7, 2024, 5:48 p.m. |
Archive npptools.dll @ sandbox.zip
Summary
| Size | 47.0KB |
|---|---|
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | e8415cb60c91c988dfae2d4b6c5ee1ca |
| SHA1 | 13d4989d925b59460db332d3c27d8725388280a3 |
| SHA256 | 366b77df76729d08687051c1ec4b718ba1d650bca5b16eb15ec5c11570d6ff16 |
| SHA512 |
ffb12508305ab3c2003c6aa703e879baafd54d6061f6a9782aa1f5876cc54b605b6c838676c86cb02a64e47e5d60c5f8cd29f8e9787628abcf9efb3e7ed4eeda
|
| CRC32 | B6CFDAA1 |
| ssdeep | 768:b1Us+ZA67UcQItYJRorS6s7yPxC4+NyStoerKr25nxDmwA/x411Skban:JcZr79tYJ72O7tRFK/x411Sea |
| Yara |
|
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | FINDSHAR |
| name | RT_DIALOG | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d190 | size | 0x00000134 | ||||||||||||||||||
| name | RT_STRING | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d3a8 | size | 0x000000a8 | ||||||||||||||||||
| name | RT_STRING | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d3a8 | size | 0x000000a8 | ||||||||||||||||||
| name | RT_STRING | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d3a8 | size | 0x000000a8 | ||||||||||||||||||
| name | RT_MESSAGETABLE | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d450 | size | 0x000000ac | ||||||||||||||||||
| name | RT_VERSION | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000d4fc | size | 0x000003a0 | ||||||||||||||||||