svchost.exe

Onur Karagoz

It runs as a separate (within the context of its own process) windows Service named “svchost”.
Publisher:
Onur Karagoz  (signed and verified)

Version:
1.0.0.0

MD5:
8eda9cbb87d3c54cf60ac0f7140003a2

SHA-1:
8c201ad7c0c0ea0d351bf468bff21d2a1a916710

SHA-256:
9044551411aa0a05537324b4697e4c240e28ab6960ab10e495d163c7ead53b1d

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:41:16 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/TrojanDownloader.Agent.OB trojan
6.3.12010.0

File size:
87.8 KB (89,872 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
SV.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\ProgramData\svchost.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/13/2014 2:00:00 AM

Valid to:
11/14/2015 1:59:59 AM

Subject:
CN=Onur Karagoz, O=Onur Karagoz, STREET=UĞURMUMCU MAH. UĞURMUMCU CAD., STREET=184 ÇATIEVLER SİTESİ, STREET=BLOK:C D:210, L=Ankara, S=Yenimahalle, PostalCode=06370, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD82F99CAD17F58E443C98C1BD258CBA

File PE Metadata
Compilation timestamp:
11/19/2014 6:42:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x15F0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
80 KB (81,920 bytes)

Service
Display name:
svchost

Type:
Win32OwnProcess


Scan svchost.exe - Powered by Reason Core Security