General
-
Target
svhost.exe
-
Size
5.2MB
-
MD5
8aa2bcc963f412a81961e70ca973d25c
-
SHA1
791e2d2f9fc5bbf9f149aaace2cbf1b3ea263eb8
-
SHA256
d8ccea5c925de65f4604ec7b632aaf3d6bab3a9930e4708530f17f9891f8ba84
-
SHA512
da47fd38845006bb884230996e499a6d42f5a78a2cd6fcc7be8e1b2cd3cc3623d0b579ab8eab67ee11eee294feb21729a9f23d5f51180525ad0e425b9283c7bb
-
SSDEEP
98304:qNN/N91h2eDZQjL7sU8I5DKBWoClkRGJewd8Y3evBQ9LtYVrEx3/o6ETgKbWyu:w9GeDVI5DKBWZlkgJedYs6LtYdEhqTgY
Score
7/10
Malware Config
Signatures
-
Obfuscated with Agile.Net obfuscator 1 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
svhost.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections