Summary | ZeroBOX

svchost.exe

Antivirus, UPX, PE File, OS Processor Check, PE32, .NET EXE
Category FILE
Machine s1_win7_x6401
Started April 8, 2024, 6:29 p.m.
Completed April 8, 2024, 6:29 p.m.
Size 66.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 00135a86ab829fc2d4678179d7a6e70f
SHA256 0b8b21af69d0b465b7b8cd584bdba1f86d062bb0c7c51656f36a66fce8e9bd89
CRC32 75D74933
ssdeep 1536:TjDQ1biZlWCiOmaB6dGXtK8qw2u04+bFoJZ+Pl+aaPOVde0:TQ1alRYQtKw504+bFxPFaPOVdD
Yara
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.XWorm.m!c
CAT-QuickHeal Worm.GenericFC.S32598663
Skyhigh Trojan-FVYT!00135A86AB82
Cylance unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005aa5f01 )
BitDefender Gen:Heur.MSIL.Krypt.!cdmip!.2
K7GW Trojan ( 005aa5f01 )
Cybereason malicious.6ab829
Arcabit Trojan.MSIL.Krypt.!cdmip!.2
VirIT Trojan.Win32.MSIL_Heur.B
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Agent.DWN
APEX Malicious
Avast Win32:RATX-gen [Trj]
ClamAV Win.Packed.njRAT-10002074-1
Kaspersky HEUR:Backdoor.MSIL.XWorm.gen
Alibaba Backdoor:MSIL/XWorm.e49270f5
MicroWorld-eScan Gen:Heur.MSIL.Krypt.!cdmip!.2
Rising Backdoor.njRAT!1.9E49 (CLASSIC)
Emsisoft Gen:Heur.MSIL.Krypt.!cdmip!.2 (B)
F-Secure Trojan.TR/Spy.Gen
DrWeb BackDoor.BladabindiNET.30
BitDefenderTheta Gen:NN.ZemsilF.36802.em0@ayeJQad
TrendMicro TROJ_GEN.R002C0DD624
FireEye Generic.mg.00135a86ab829fc2
Sophos Troj/RAT-FJ
Ikarus Trojan.MSIL.Agent
Google Detected
Avira TR/Spy.Gen
MAX malware (ai score=88)
Antiy-AVL Trojan[Backdoor]/MSIL.XWorm
Kingsoft malware.kb.c.1000
Gridinsoft Ransom.Win32.Bladabindi.sa
Microsoft Trojan:MSIL/XWorm.C!MTB
ZoneAlarm HEUR:Backdoor.MSIL.XWorm.gen
GData MSIL.Backdoor.XWormRAT.A
Varist W32/MSIL_Troj.UP.gen!Eldorado
AhnLab-V3 Backdoor/Win.AsyncRat.C5360693
Acronis suspicious
McAfee Trojan-FVYT!00135A86AB82
DeepInstinct MALICIOUS
VBA32 Backdoor.MSIL.XWorm.gen
Malwarebytes Backdoor.XWorm.Generic
Panda Trj/GdSda.A
TrendMicro-HouseCall TROJ_GEN.R002C0DD624
Tencent Msil.Backdoor.Xworm.Adhl
SentinelOne Static AI - Malicious PE