svchost_Slayed[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

svchost_Slayed.exe
Size

331KB
MD5

2e0cf1882ee710884b1fe25d774d0c5b
SHA1

e610ff9549d09188d335b2acc1583c960c91c6b5
SHA256

8beb9a20c385898f9764fd7d2b830c6525284b560eb6aea36d18782407ff92c0
SHA512

a98eb7a15cbd22db53d3db2456a28cc6ae779315162307c4f8a34a158566c42298e7b84b0ba8b8b72f60d49718d1c146245f21b005746f7bd98db916cc7ccb90
SSDEEP

6144:5yUNUEQLaZ41zAMo7Gp7H8lmK/TWVX9jYvUA6MOO/2ImZiST/PbOQr:5yaJQjAH7G9oZyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
svchost_Slayed.exe

Files

svchost_Slayed.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ