Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.22 08:09
Hackfest, A New Event ...
09.22 08:09
엠클라우독, 문서 관리 및 정보보안 분야...
09.22 08:09
엘세븐시큐리티, 개인정보 차단 솔루션 시...
09.22 07:09
Examining Mobile Threa...
09.22 07:09
스패로우, SW 공급망 보안 시장서 리더...
09.22 07:09
스콥정보통신, 네트워크 자원관리 및 접근...
09.22 06:09
Unicorn2 Devblog: mmap...
09.22 06:09
국제 사이버범죄조직들에 맞서 치열한 전투...
09.22 05:09
Staffelstabübergabe de...
09.22 05:09
세일포인트, 금융기관 맞춤형 아이덴티티 ...

Summary | ZeroBOX

svchost.exe

Gen1 Malicious Packer UPX PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Nov. 16, 2023, 6:34 p.m.	Nov. 16, 2023, 6:34 p.m.

Size	20.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`54a47f6b5e09a77e61649109c6a08866`
SHA256	`121118a0f5e0e8c933efd28c9901e54e42792619a8a3a6d11e1f0025a7324bc2`
CRC32	`4B0EAF31`
ssdeep	`384:eipYzV8555BUcKaJEEyKxC0exYQ1k3KFUOLg2JfvaW9C5bW9odW:3peIszaqEyKxCtxJk6FbXaw`
PDB Path	svchost.pdb
Yara	IsPE32 - (no description) Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file

svchost.exe "C:\Users\test22\AppData\Local\Temp\svchost.exe"
2552

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

svchost.pdb

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

MUI