Overview

overview

10

Static

static

svchost.exe

windows7-x64

10

svchost.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    166s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    07-12-2022 07:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    svchost.exe

  • Size

    5.4MB

  • MD5

    b64caff2a80efe84e68f102ced8a50db

  • SHA1

    8755ec0e6256682c9288d021ce8904778f1b4ac0

  • SHA256

    7903e4ed5449a8ef689e3aa4456a4df20750fee09b3cf71f065b210cbd124051

  • SHA512

    46b718c01dbc2aa8972bbf69c9092c1016aac1ba60f26889dbc8b17c1ba21096a95dd7892fd7d5d471991c36a835e1c4c8c2bfd7c1d648b7cc56edcfa7796f49

  • SSDEEP

    49152:ih6m+U3grb/TyvO90dL3BmAFd4A64nsfJ3pcp0QXD0izFsniKnMwWv0b2WE8fMko:ih6O0pI0QXOhnMFOavQKGb7HLmt2El

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\svchost.exe
    "C:\Users\Admin\AppData\Local\Temp\svchost.exe"
    1⤵
      PID:1276

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1276-54-0x000000002AFD0000-0x000000002B011000-memory.dmp
      Filesize

      260KB

      Download
    • memory/1276-55-0x000000002B420000-0x000000002B46F000-memory.dmp
      Filesize

      316KB

      Download