ScreenShot
| Created | 2024.11.07 21:45 | Machine | s1_win7_x6401 |
| Filename | 1.hta | ||
| Type | HTML document, ASCII text, with very long lines | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 28 detected (Countermeasure, G2JS, GenericKD, ExpKit, fetrmm, TOPIS, mqoLyYAvOAQ, Muldrop, Detected, ABRisk, XVXT, Ltgl, ai score=84) | ||
| md5 | 682f821b4daa22d6629825e83159e98f | ||
| sha256 | 2947a56a5485ca6871e15a26b0e05f9623023cdd2d6b69e1915c60e5ea39b3b8 | ||
| ssdeep | 3072:89u+3cQdER4pZ0bEBz8s/PM8dWGYIbFB92prl:8A+38RaZNBos/PMVGYW92 | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 28 AntiVirus engines on VirusTotal as malicious |
| info | One or more processes crashed |
Rules (1cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win_Trojan_Formbook_Zero | Used Formbook | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|