ScreenShot
Created | 2025.04.02 09:48 | Machine | s1_win7_x6401 |
Filename | KeyActivation-GLEO.FUN.lnk | ||
Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Feb 5 04:09:11 2025, mtime=Sun Mar 16 20:50:37 2025, atime=Wed Feb 5 04:09: | ||
AI Score | Not founds | Behavior Score |
|
ZERO API | file : clean | ||
VT API (file) | 12 detected (Malcode, a variant of Generik, QUSDUP, LNKEXEC, WinLNK, IRT633, Jmnw) | ||
md5 | d6c471d75a7d9e707349988639f9aa69 | ||
sha256 | deb98936aad91a2805108a839ad5083a043efa1045dd92869d7a00036bcd771a | ||
ssdeep | 48:8kryrp1OkZP66L7T8r39bILvvalLq+ucU:8kryrp1x66L7or39b2Iq+6 | ||
imphash | |||
impfuzzy |
Network IP location
Signature (4cnts)
Level | Description |
---|---|
watch | File has been identified by 12 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates a shortcut to an executable file |
info | Command line console output was observed |
Rules (4cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (upload) |
info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (upload) |
info | Lnk_Format_Zero | LNK Format | binaries (upload) |
Network (0cnts) ?
Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
---|