ScreenShot
| Created | 2025.04.02 09:48 | Machine | s1_win7_x6401 |
| Filename | KeyActivation-GLEO.FUN.lnk | ||
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Feb 5 04:09:11 2025, mtime=Sun Mar 16 20:50:37 2025, atime=Wed Feb 5 04:09: | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 12 detected (Malcode, a variant of Generik, QUSDUP, LNKEXEC, WinLNK, IRT633, Jmnw) | ||
| md5 | d6c471d75a7d9e707349988639f9aa69 | ||
| sha256 | deb98936aad91a2805108a839ad5083a043efa1045dd92869d7a00036bcd771a | ||
| ssdeep | 48:8kryrp1OkZP66L7T8r39bILvvalLq+ucU:8kryrp1x66L7or39b2Iq+6 | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 12 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates a shortcut to an executable file |
| info | Command line console output was observed |
Rules (4cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Antivirus | Contains references to security software | binaries (upload) |
| info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (upload) |
| info | Lnk_Format_Zero | LNK Format | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|