ScreenShot
| Created | 2024.07.20 20:28 | Machine | s1_win7_x6402 |
| Filename | crowdstrike-hotfix.zip | ||
| Type | Zip archive data, at least v2.0 to extract | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 6 detected (ccmw, Remcos, Wacatac, Penguish, TSEJtDi4xGw, susgen) | ||
| md5 | 1e84736efce206dc973acbc16540d3e5 | ||
| sha256 | c44506fe6e1ede5a104008755abf5b6ace51f1a84ad656a2dccc7f2c39c0eca2 | ||
| ssdeep | 98304:D7FFh0ObjLP706bh7a5Keyv0X5kWgrYhpz9mMZyz:DXf/bhYaYkFshpz9/yz | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| watch | Communicates with host for which no DNS query was performed |
| notice | File has been identified by 6 AntiVirus engines on VirusTotal as malicious |
Rules (1cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | zip_file_format | ZIP file format | binaries (upload) |
