f01f5fb0137d71bbaa7e2762e6e92d9b8fdb56d16b60c332b7e0a897c6205f31 | Triage

Analysis

max time kernel
118s
max time network
125s
platform
windows7_x64
resource
win7-en-20211208
submitted
25-01-2022 09:06

Sharing

Report Analysis Logs

General

Target

20220124svchost/svchost.exe
Size

4.3MB
MD5

0f13dd7af36816e7af4cfc1d478313f6
SHA1

c7a80ace11e6ed13c9e7d2362ff0a3a21d11400d
SHA256

a7b3052896fde162f15e38f0df0dd1535bc75a9b98d907ee9b4b8ed32c759df0
SHA512

219ec2cc2fab0456755750eea73d9a1e426925fd89c6da6c185c6dabbce28668506f73cef40733152faffc14f25686cd5042610ad79dd0a15b40bb19973b4231

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

svchost.exe

pid process

1684 svchost.exe
1684 svchost.exe

C:\Users\Admin\AppData\Local\Temp\20220124svchost\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\20220124svchost\svchost.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1684

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...