Overview

overview

10

Static

static

10

svhost.exe

windows7_x64

10

svhost.exe

windows10_x64

10

Resubmissions

22-06-2022 22:00

220622-1wyswadcf7 10

Analysis

  • max time kernel
    643s
  • max time network
    648s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    22-06-2022 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    svhost.exe

  • Size

    1.7MB

  • MD5

    ca768e05515ee9ceea7c6da4809bed29

  • SHA1

    c61b8b8177c91db2c378c79e2a7f51ed0abd0e4a

  • SHA256

    f185df1fdfe2a01aecbd10a990ccc9073e76cd8b457e4a17dbf01164e117cc61

  • SHA512

    6b3b41b7abc7b6a0146cec431b0ddbbf295d9253425d82b6384b23e6802611118f995e48f681b804cec1d9040848f94decd7a776d1944b395efa375e7421688f

Score
10/10
nerbianrattrojanupx

Malware Config

Signatures

  • Detect Nerbian RAT malware 1 IoCs
  • Nerbian

    Remote access trojan written in the Golang.

    rattrojannerbian
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\svhost.exe
    "C:\Users\Admin\AppData\Local\Temp\svhost.exe"
    1⤵
      PID:2032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2032-54-0x0000000000A20000-0x0000000000F3C000-memory.dmp

      Filesize

      5.1MB

      Download