lsass[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

lsass.exe
Size

44KB
MD5

17709c3ba48092e9eb90824b5fad9137
SHA1

e73257c819b56cf7d337e9305a6596c9a9ac5a6a
SHA256

1d2a6c68578a031fa44c14fb04e4a8c3b06f7632d60b61850c6bd9290dbb00ca
SHA512

775e37b41383e147db7debc48ddf6d1d7a288683f0b085473fec759d41d4059f429203dff316705caa1882d326a3164af09fd586830cb90f7030c56685829ee3
SSDEEP

768:epy8Y5hWXoosd4aIc/H4Ydb+QHM1zJE0x5n//Gjxm5SxS67HzScb:epy8YLWmd4dcf4g+QsdE0xU1oSh7HzS

Score

1^/10

Malware Config

Signatures

Files

lsass.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE