ScreenShot
| Created | 2021.07.01 08:18 | Machine | s1_win7_x6402 |
| Filename | CE_Agent_Funding_Advice_pdf.js | ||
| Type | ASCII text, with very long lines, with no line terminators | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | dadca572b4e524d5f03a2a4f9b25a050 | ||
| sha256 | 65987f95b365501579431ea8dec1d45940430d8c9defad58908a14e6fb96a347 | ||
| ssdeep | 24576:eOa0QS/9pn7qKkxds34NPoE3j2hYW8jecNH2Pzw83ZEkTE50DngGfayxg3qfDOoX:Pl | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
| watch | Communicates with host for which no DNS query was performed |
| notice | Connects to a Dynamic DNS Domain |
| notice | Executes one or more WMI queries |
| notice | Executes one or more WMI queries which can be used to identify virtual machines |
| info | Queries for the computername |
Rules (0cnts)
| Level | Name | Description | Collection |
|---|
