Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 11, 2024, 2:40 p.m. | June 11, 2024, 2:44 p.m. |
-
wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\DocuSign.vbs
2664
Name | Response | Post-Analysis Lookup |
---|---|---|
www.python.org | 151.101.228.223 |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49162 -> 146.75.48.223:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
No Suricata TLS
Skyhigh | BehavesLike.VBS.Dropper.xp |
Symantec | ISB.Downloader!gen60 |
NANO-Antivirus | Trojan.Script.Vbs-heuristic.druvzi |
TrendMicro | HEUR_VBS.DL1 |
Kingsoft | Script.Ks.Malware.12156 |
Microsoft | Trojan:Script/Wacatac.B!ml |
ZoneAlarm | HEUR:Trojan-Downloader.Script.Generic |