ScreenShot
Created | 2024.12.16 19:01 | Machine | s1_win7_x6403 |
Filename | Captcha.hta | ||
Type | HTML document, ASCII text, with very long lines, with CRLF line terminators | ||
AI Score | Not founds | Behavior Score |
|
ZERO API | file : clean | ||
VT API (file) | 24 detected (Electryon, PowerShell, LUMMASTEALER, YXELMZ, Tiny, ExpKit, eurlzq, ExploitKit, Detected, Infected, AutoInfector, ABApplication, Kmnw) | ||
md5 | 81df0a7222ad3c1bd736c2190314b47c | ||
sha256 | df63eda4107b614d7a1138490e5c23d657ef4966d7af8c5bd747e5c06a4b231c | ||
ssdeep | 48:3XrEzR0n67Z00kWo5XJdYCSC0DpxMUR02V4YD9Lhushq3pYk94WdfG:qgc00doRYrC0FfqYKCAu | ||
imphash | |||
impfuzzy |
Network IP location
Signature (5cnts)
Level | Description |
---|---|
warning | File has been identified by 24 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
info | Checks amount of memory in system |
Rules (0cnts)
Level | Name | Description | Collection |
---|