csrss.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 47/67 Related 2165
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 233.00 KB (238592 bytes)
Compile time: 1982-07-30 22:24:38
MD5: a5eefe4b6362f6772eff4d4e9eb762f7
SHA1: 775eb50b972d73102d68545c3a0e89aafd930bbf
SHA256: 0849673ca7da0338af236a680c6e271fd5510429f85efc1f26ca37d4c179f7f5
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5 02y8\T1 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-04-15 12:48:03
Last submission: 2019-04-15 12:48:03
Filename detected: - csrss.exe (1)
URL file hosting
hXXp://aurorahurricane.net.au/file/upload/images/csrss.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-04-10 13:08:38 [47/67] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
02y8\T1 0x2000 0x32e04 208896 7ad7651773710d827d6052865ae829fa dcebbe022055e45ac973302f8c20204008028cef
.text 0x36000 0x63e0 25600 5d71eccf693de445c4d8bc3ffbf9a08c 01faa11cae808b716aa3c39d0c410eef0587d795
.rsrc 0x3e000 0x618 2048 6d3a61cfc73ebfd9b06ae73645001915 5a55a25a3b1c1c274fcff508e22aea81d37416ff
.reloc 0x40000 0xc 512 1b7daa91007c3b092e7bc824ff1dd2a0 90e48be3fd66d07adad6a1f234c1d974b6710a43
0x42000 0x10 512 a2fe910d80abf62e238941cf26c8af4f e8d335a102a02c35e9c254da15d3a857ad020175
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
KERNEL32.dll
mscoree.dll
IP Found
4.6.9.11
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-04-15 12:48:04