ScreenShot
| Created | 2021.05.20 16:44 | Machine | s1_win7_x6402 |
| Filename | fax_Documents.zip | ||
| Type | Zip archive data, at least v2.0 to extract | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 24 detected (malicious, high confidence, Targaryen, Unsafe, PWSX, Razy, Agensla, SpyBotNET, AgentTesla, Gen8, DarkStealer, score, R420346, ZemsilCO, nm0@aKIvVcm, ai score=80, TelegramBot, ZkYqOVQUviS, Static AI, Malicious Archive, susgen) | ||
| md5 | e9ab849de3862d15c03f2dc2535a2fe0 | ||
| sha256 | 85bd32821c47bd88811a829c88ec601932613fd5d5b07b2fa3461f7ffcf9682f | ||
| ssdeep | 3072:tE3KbE5jpqT5zVUcDlKPGkno8VYuSMZXmZ6j/um5g:tT+jITLvUGkohuSuXoM/un | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 24 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
Rules (0cnts)
| Level | Name | Description | Collection |
|---|
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|