Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 11, 2024, 2:40 p.m. | June 11, 2024, 2:42 p.m. |
-
wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\sign_now.vbs
2560
Name | Response | Post-Analysis Lookup |
---|---|---|
www.python.org | 151.101.108.223 |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49161 -> 146.75.48.223:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
No Suricata TLS
Skyhigh | BehavesLike.VBS.Dropper.xp |
Symantec | ISB.Downloader!gen60 |
TrendMicro-HouseCall | Mal_VBSCRDLX |
Avast | Script:SNH-gen [Trj] |
NANO-Antivirus | Trojan.Script.Vbs-heuristic.druvzi |
TrendMicro | Mal_VBSCRDLX |
Kingsoft | Script.Ks.Malware.12156 |
Microsoft | Trojan:Script/Sabsik.FL.A!ml |
ZoneAlarm | HEUR:Trojan-Downloader.Script.Generic |
Yandex | HTML.Psyme.Gen |
AVG | Script:SNH-gen [Trj] |