ScreenShot
| Created | 2023.04.29 21:52 | Machine | s1_win7_x6401 |
| Filename | svchost.exe | ||
| Type | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 4 detected (malicious, confidence, Attribute, HighConfidence, score) | ||
| md5 | e6a2752e80594deabb0362f04ad28cd4 | ||
| sha256 | 19e51295a6454aaca250d7d5c759c061224c81454b475f5876754c289eb32482 | ||
| ssdeep | 48:6v92DrkBJJCDGTQAsxspQtIROR5LNfW1wizb7tvv3y4q4:kYDCJJWofwQyLNfcwCb7tvv3y4q | ||
| imphash | |||
| impfuzzy | 3:: | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| notice | File has been identified by 4 AntiVirus engines on VirusTotal as malicious |
| info | One or more processes crashed |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|