ScreenShot
| Created | 2024.11.11 09:36 | Machine | s1_win7_x6403 |
| Filename | dccuac.ps1 | ||
| Type | ASCII text, with very long lines | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | |||
| VT API (file) | 27 detected (PwShell, powershell, RefA, Attribute, HighConfidence, PowerMacro, CLASSIC, PowSploit, Detected, Casdet, ABTrojan, DKQE, Tgil, HackTool, Mikatz) | ||
| md5 | 33cf935daecc1036651e586728eb87bb | ||
| sha256 | 67de37a29c353434b27c98ac9012bff6b489aeba1504c6dd86ae2216bb74075f | ||
| ssdeep | 6144:f5hYs0ly3uApLfHg2NVOHiUDs3BcjRqo9Hlv+ZbVztTsj7DVYXy+sZHbXSFFfVCu:f5hbf+y4iVzNi7D+y3HbcWPUQI0u | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| info | Checks amount of memory in system |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
| watch | Antivirus | Contains references to security software | binaries (download) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|