sp-4[.]5-EfsRpc[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sp-4.5-EfsRpc.exe
Size

1010KB
MD5

346fa8350d23f5b50561d68fe952492e
SHA1

00ea771635d5bf0d115daaa60bbd31477021d92a
SHA256

eba7436d7098b44f2c48063a386aa19c77ecaeeb65d0655f36533544a4612e8a
SHA512

c99cbc0eed2e41212fa0902ef740f439755bf4822b30bb085900fa6d0d8292eef04da44217dc1b4121fcee39438fa7ee1bda28ced6f4917b083944063f07d248
SSDEEP

24576:V2modJjKV36KVo64UgcdRbh3N9pGFspeYnqcAm3:V0dJjKl7VP4LcLbh3NKFkJn

Score

1^/10

Malware Config

Signatures

Files

sp-4.5-EfsRpc.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1007KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ