popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis
Malicious Packer PE64 PE File DLL
  1. Resubmit sample
Category Machine Started Completed
ARCHIVE s1_win7_x6403_us Oct. 14, 2024, 10:54 a.m. Oct. 14, 2024, 10:55 a.m.

Archive mfis/RpcNs4.dll @ v.1.7.2_x64__install__.zip

Summary

Size 10.0KB
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 fe96bd9f00dd06c0cf7c01034d50a9ae
SHA1 873e56fba4222860000c54da9c06a553f88a605a
SHA256 ada416d1e94295a64f60c9c51a6bd282e7183c93e069fc2121cdbd541ba1dcfb
SHA512
cf201644214aa343b688c63ec731c5a939096f291acbecf78f55cba67d62d0fe49f85ac9157f75f6dfd106a050e48dffb79472e8d739a53cbc182459671956a7
CRC32 CB6A30CA
ssdeep 96:kPF4gDqI76oc6bawkLBbCnJBn42QzaCp869n3+V5yYTL7NymEWhHBWw:kd4gDqI7Rp7kv3+LyYTLYbWhHBW
PDB Path RpcNs4.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path RpcNs4.pdb
resource name MUI