ScreenShot
| Created | 2024.11.20 09:15 | Machine | s1_win7_x6402 |
| Filename | DKM-9067291.pdf.lnk | ||
| Type | MS Windows shortcut, Points to a file or directory, Icon number=11, Archive, ctime=Sun Nov 17 08:56:53 2024, mtime=Sun Nov 17 08:56:44 2024, atime=Sun Nov 17 08:56:44 2024, length=153, window=hidenormalshowminimized | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 10 detected (DownLnk, Detected, 8I32DT, Zmhl) | ||
| md5 | ec59f33659d0f4d2b1cddc76d82c9556 | ||
| sha256 | 45d00dc1fa18402b7062f11116e11d0267a8abcf341893d66854bac17b2624ee | ||
| ssdeep | 24:8koHdFgrWncY6/wHcmBnR1E583nK5Cj+7S/TIU2JQvMcCvDxIU2SKs:8lUWcf0cc31K578EU2JYC6U2SK | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 10 AntiVirus engines on VirusTotal as malicious |
| watch | Harvests credentials from local email clients |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Creates a shortcut to an executable file |
| info | Command line console output was observed |
| info | Queries for the computername |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (upload) |
| info | Lnk_Format_Zero | LNK Format | binaries (upload) |
