popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

svchost.exe

PE64 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 April 29, 2023, 9:52 p.m. April 29, 2023, 9:52 p.m.
Size 6.5KB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 e6a2752e80594deabb0362f04ad28cd4
SHA256 19e51295a6454aaca250d7d5c759c061224c81454b475f5876754c289eb32482
CRC32 13B195F9
ssdeep 48:6v92DrkBJJCDGTQAsxspQtIROR5LNfW1wizb7tvv3y4q4:kYDCJJWofwQyLNfcwCb7tvv3y4q
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 

        
      
      
      

    
  
    
      
        exception.symbol:
        
        

      
        exception.exception_code:
        0xc0000005
        

      
        exception.address:
        0x0
        

      
    
  
    
      
        registers.r14:
        0
        

      
        registers.r15:
        0
        

      
        registers.rcx:
        2293456
        

      
        registers.rsi:
        10
        

      
        registers.r10:
        0
        

      
        registers.rbx:
        0
        

      
        registers.rsp:
        2293416
        

      
        registers.r11:
        0
        

      
        registers.r8:
        8796092850176
        

      
        registers.r9:
        4199456
        

      
        registers.rdx:
        4199456
        

      
        registers.r12:
        0
        

      
        registers.rbp:
        0
        

      
        registers.rdi:
        0
        

      
        registers.rax:
        1992451360
        

      
        registers.r13:
        0
        

      
    
  


    
        1
    

0

    
        0
    


                                


                            

                        

                    


                    

                

            
            
        
            


                

                
                

                    

                    

                        
                        

                            

                                

                                    CrowdStrike
                                    win/malicious_confidence_70% (W)
                                    
                                


                            

                        

                            

                                

                                    Symantec
                                    ML.Attribute.HighConfidence
                                    
                                


                            

                        

                            

                                

                                    Cynet
                                    Malicious (score: 100)
                                    
                                


                            

                        

                            

                                

                                    APEX
                                    Malicious