ScreenShot
| Created | 2024.11.20 09:15 | Machine | s1_win7_x6403_us |
| Filename | inv.lnk | ||
| Type | MS Windows shortcut, Points to a file or directory, Icon number=11, Archive, ctime=Tue Nov 12 01:01:00 2024, mtime=Tue Nov 12 01:00:50 2024, atime=Tue Nov 12 01:00:50 2024, length=156, window=hidenormalshowminimized | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 9 detected (DownLnk, Detected, 7ROWFL, Dplw) | ||
| md5 | 842132a519bc8f532382c78c1895cb02 | ||
| sha256 | b5bb66a242f901ac5c82eaa653209a45faa6efc968282e1ad1af38738947fadb | ||
| ssdeep | 24:8nps8zZHWWY6/wHcmPnqQE58S5V74DCj+7SToX2JQvMP37tAX2xV74u:8np3HWWf0cuqQE74D75X2JzKX2j74 | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| watch | Harvests credentials from local email clients |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Creates a shortcut to an executable file |
| notice | File has been identified by 9 AntiVirus engines on VirusTotal as malicious |
| info | Command line console output was observed |
| info | Queries for the computername |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (upload) |
| info | Lnk_Format_Zero | LNK Format | binaries (upload) |
