svchost_possible_payload[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

svchost_possible_payload.exe
Size

28KB
MD5

ada15e8e71c2772035ff12ea9f45020c
SHA1

e037e114b93eaee8e571cdd6e120dbc784541f69
SHA256

d76dc48fb1cd125e67706723c336862b713a5102000547684518e065b4a3c8b9
SHA512

609c472a907a6e760d7f8a5aeccc6f3d9dc8c2e85977e05d1551b59365870e7bcb0282f0c4668aa72cd4dcc278e74a87f96b0651fc0ca8f5cdaf5822d63dbbe6
SSDEEP

384:ptZCBleeqanGvCchgpXTXGbpJjvf6hMjY9IE:DZzeqp6cypXSzruMjWI

Score

N/A

Malware Config

Signatures

Files

svchost_possible_payload.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ