Windows Analysis Report SvchostInjector_x64 with SC.dll

Overview

General Information

Sample Name: SvchostInjector_x64 with SC.dll
Analysis ID: 458971
MD5: 4c0bbe1f536e0bf780b740ed6824941f
SHA1: 19b91d0188eb051f12ceb848b0f6d7b20db4813a
SHA256: c57a35df292b4e1aabee65c4d645dad018d93965c276b563311f7833a2a5ef96
Infos:

Most interesting Screenshot:
Errors
  • Nothing to analyse, Joe Sandbox has not found any analysis process or sample

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file
Yara signature match

Classification

AV Detection:

barindex
Multi AV Scanner detection for submitted file
Source: SvchostInjector_x64 with SC.dll Virustotal: Detection: 15% Perma Link

System Summary:

barindex
Yara signature match
Source: SvchostInjector_x64 with SC.dll, type: SAMPLE Matched rule: HKTL_Meterpreter_inMemory date = 2020-06-29, author = netbiosX, Florian Roth, description = Detects Meterpreter in-memory, reference = https://www.reddit.com/r/purpleteamsec/comments/hjux11/meterpreter_memory_indicators_detection_tooling/, score =
Source: classification engine Classification label: mal48.winDLL@0/0@0/0
Source: SvchostInjector_x64 with SC.dll Virustotal: Detection: 15%
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 458971 Sample: SvchostInjector_x64 with SC.dll Startdate: 03/08/2021 Architecture: WINDOWS Score: 48 5 Multi AV Scanner detection for submitted file 2->5
No contacted IP infos