ScreenShot
Created | 2023.09.18 11:30 | Machine | s1_win7_x6401 |
Filename | XMYFCPT9speAh98pdf.lnk | ||
Type | MS Windows shortcut, Item id list present, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hidenormalshowminimized | ||
AI Score | Not founds | Behavior Score |
|
ZERO API | file : clean | ||
VT API (file) | 15 detected (Save, gen20, Malicious, score, WinLNK, Runner, VPUW, Phonzy, Detected, Outbreak) | ||
md5 | 6d164ac8281441a98190607ceff43264 | ||
sha256 | 149dc877de7fe63d793d487b91c9325cfd99a0d17916d364054fbba5db375123 | ||
ssdeep | 24:8D4OAiKDqaAPHxkQgjaxoAzicEu7O40u85nITfC4ZkaClc:8/AiBng3dFITfP2asc | ||
imphash | |||
impfuzzy |
Network IP location
Signature (4cnts)
Level | Description |
---|---|
watch | File has been identified by 15 AntiVirus engines on VirusTotal as malicious |
notice | Creates a shortcut to an executable file |
notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
info | Command line console output was observed |
Rules (2cnts)
Level | Name | Description | Collection |
---|---|---|---|
info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (upload) |
info | Lnk_Format_Zero | LNK Format | binaries (upload) |
Network (0cnts) ?
Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
---|