Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | April 26, 2021, 5:57 p.m. | April 26, 2021, 6:10 p.m. |
DFI_0451_587_032.pdf C:\Users\test22\AppData\Local\Temp\DFI_0451_587_032.pdf
2296
Name | Response | Post-Analysis Lookup |
---|---|---|
vtqt.xyz | 45.85.90.14 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | {u'size_of_data': u'0x00031c00', u'virtual_address': u'0x00002000', u'entropy': 7.974398985054195, u'name': u'.text', u'virtual_size': u'0x00031a44'} | entropy | 7.97439898505 | description | A section with a high entropy has been found |
entropy | 0.541496598639 | description | Overall entropy of this PE file is high |
url | https://discord.com/ |
Rule | Description |
---|---|
win_files_operation | Affect private profile |
DebuggerCheck__GlobalFlags | (no description) |
DebuggerCheck__QueryInfo | (no description) |
DebuggerHiding__Thread | (no description) |
DebuggerHiding__Active | (no description) |
ThreadControl__Context | (no description) |
SEH__vectored | (no description) |
anti_dbg | Checks if being debugged |
disable_dep | Bypass DEP |
dead_host | 45.85.90.14:80 |