Investigation Needed for svchost.exe Querying .onion Domains
malwaretornetwork-trafficsvchost.execybersecuritythreat-analysiswindowsanomaly-detection
The author reports that a host is making requests to .onion domains. The responsible process is svchost.exe, with the following command line: svchost.exe -k netsvcs -p -s SharedAccess. They are seeking assistance to further investigate this behavior.