svchost.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 41/69 Related 2714
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 169.00 KB (173056 bytes)
Compile time: 2019-10-22 22:57:40
MD5: 619237673ab863fbaef40892c84bc109
SHA1: ac7616e1d6e5728a6d57ae59e97f1470ffa9fd91
SHA256: 98a9f94115cde689a0a588d5026d9ea7a15da17ff5ebbef101e0aa0a9c1fab74
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-10-30 22:57:04
Last submission: 2019-10-30 22:57:04
Filename detected: - svchost.exe (1)
URL file hosting
hXXp://attack.s2lol.com/svchost.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-30 16:02:09 [41/69] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x28c04 167424 ad800d4f8e6231d3a33000280502a1a0 483e26237a66e15bed9281f757f20c38c171e568
.rsrc 0x2c000 0x1180 4608 ebdd877532fb3a25bd02405a09c8c832 9b8f135af2506871000a58cae55c8fc49e59258d
.reloc 0x2e000 0xc 512 8fc351aaa0b8fe68252e82b60d34cc84 a292ced0e0cb06edddd6d17864414bf39ceda4e0
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
mscoree.dll
IP Found
No IP detected
URL(s)
http://schemas.microsoft.com/SMI/2005/WindowsSettings

#infosec #automation

TheSystem Itself @ 2019-10-30 22:57:04