ScreenShot
Created | 2021.07.01 08:18 | Machine | s1_win7_x6402 |
Filename | CE_Agent_Funding_Advice_pdf.js | ||
Type | ASCII text, with very long lines, with no line terminators | ||
AI Score | Not founds | Behavior Score |
|
ZERO API | file : clean | ||
VT API (file) | |||
md5 | dadca572b4e524d5f03a2a4f9b25a050 | ||
sha256 | 65987f95b365501579431ea8dec1d45940430d8c9defad58908a14e6fb96a347 | ||
ssdeep | 24576:eOa0QS/9pn7qKkxds34NPoE3j2hYW8jecNH2Pzw83ZEkTE50DngGfayxg3qfDOoX:Pl | ||
imphash | |||
impfuzzy |
Network IP location
Signature (6cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
watch | Communicates with host for which no DNS query was performed |
notice | Connects to a Dynamic DNS Domain |
notice | Executes one or more WMI queries |
notice | Executes one or more WMI queries which can be used to identify virtual machines |
info | Queries for the computername |
Rules (0cnts)
Level | Name | Description | Collection |
---|