ScreenShot
| Created | 2023.07.12 08:07 | Machine | s1_win7_x6402 |
| Filename | notice_11_jul_7701757.js | ||
| Type | Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR, LF line terminators | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | |||
| VT API (file) | |||
| md5 | 5dc5797adb91fb7c0609d3d6a7b7184a | ||
| sha256 | aff022471daf3087b5492eb57b0c22197826ea5bd31392fe3b72cad8553c3f96 | ||
| ssdeep | 3072:Y7iPO80tXW8UsIAAZRQlnqiKm0t0eirr1OFdo1ltXpc2pUjqTRECoNjrdH37D:x | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| warning | Uses WMI to create a new process |
| info | Queries for the computername |
Rules (0cnts)
| Level | Name | Description | Collection |
|---|
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|