Svchost Spyware / Suspicious Activity - Virus, Trojan, Spyware, and Malware Removal Help
Tags
| country: | Ireland |
| attack-pattern: | Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | b4e2e0b5-ae2b-4716-8594-2e68df8d9025 |
| Fingerprint | 6750285076cee0d7 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 24, 2022, 6:55 p.m. |
| Added to db | Nov. 25, 2022, 4:48 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Svchost Spyware / Suspicious Activity |
| Title | Svchost Spyware / Suspicious Activity - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 31/2/44 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | microsoft.windows.services |
|
| Details | Domain | 397 | www.microsoft.com |
|
| Details | Domain | 7 | crl.microsoft.com |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 92 | c:\windows\system32\svchost.exe |
|
| Details | File | 1 | api-ms-win-core-com-l1-1-1.dll |
|
| Details | File | 1 | api-ms-win-core-crt-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-delayload-l1-1-1.dll |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 1 | api-ms-win-core-threadpool-private-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-sidebyside-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-heap-obsolete-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-string-obsolete-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-handle-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-security-base-l1-2-0.dll |
|
| Details | File | 1 | api-ms-win-core-localization-l1-2-1.dll |
|
| Details | File | 1 | api-ms-win-core-heap-l1-2-0.dll |
|
| Details | File | 41 | rpcrt4.dll |
|
| Details | File | 1 | api-ms-win-core-string-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-processenvironment-l1-2-0.dll |
|
| Details | File | 1 | api-ms-win-core-registry-l1-1-0.dll |
|
| Details | File | 3 | api-ms-win-core-synch-l1-2-0.dll |
|
| Details | File | 1 | api-ms-win-core-libraryloader-l1-2-0.dll |
|
| Details | File | 2 | api-ms-win-service-core-l1-1-1.dll |
|
| Details | File | 1 | api-ms-win-service-winsvc-l1-2-0.dll |
|
| Details | File | 1 | api-ms-win-core-errorhandling-l1-1-1.dll |
|
| Details | File | 1 | api-ms-win-core-rtlsupport-l1-2-0.dll |
|
| Details | File | 1 | api-ms-win-core-sysinfo-l1-2-1.dll |
|
| Details | File | 1 | api-ms-win-core-processthreads-l1-1-2.dll |
|
| Details | File | 1 | api-ms-win-core-profile-l1-1-0.dll |
|
| Details | File | 1 | api-ms-win-core-crt-l2-1-0.dll |
|
| Details | File | 1 | micwinpropca2011_2011-10-19.crt |
|
| Details | File | 1 | microoceraut_2010-06-23.crt |
|
| Details | File | 1 | repository.htm |
|
| Details | IPv4 | 6 | 5.1.0.0 |
|
| Details | Pdb | 2 | svchost.pdb |
|
| Details | Url | 1 | http://www.microsoft.com/pkiops/crl/micwinpropca2011_2011-10-19.crl0a |
|
| Details | Url | 1 | http://www.microsoft.com/pkiops/certs/micwinpropca2011_2011-10-19.crt0 |
|
| Details | Url | 1 | http://crl.microsoft.com/pki/crl/products/microoceraut_2010-06-23.crl0z |
|
| Details | Url | 1 | http://www.microsoft.com/pki/certs/microoceraut_2010-06-23.crt0 |
|
| Details | Url | 1 | http://www.microsoft.com/windows0 |
|
| Details | Url | 1 | http://www.microsoft.com/pkiops/crl/microsoft |
|
| Details | Url | 1 | http://www.microsoft.com/pkiops/certs/microsoft |
|
| Details | Url | 1 | http://www.microsoft.com/pkiops/docs/repository.htm0 |