Signature info
Signature Verification
File is not signed
Dynamic Analysis Sandbox Detections
The sandbox Yomi Hunter flags this file as: MALWARE
History
Creation Time
2023-07-12 16:36:26 UTC
First Seen In The Wild
2023-07-12 11:46:49 UTC
First Submission
2023-07-13 12:04:00 UTC
Last Submission
2024-01-10 05:13:38 UTC
Last Analysis
2024-03-27 15:01:15 UTC
Matches rule Change PowerShell Policies to an Insecure Level by frack113 at Sigma Integrated Rule Set (GitHub)
Detects use of executionpolicy option to set insecure policies
Matches rule Change PowerShell Policies to an Insecure Level - PowerShell by frack113 at Sigma Integrated Rule Set (GitHub)
Detects use of Set-ExecutionPolicy to set insecure policies
Matches rule Suspicious Get-WmiObject by frack113 at Sigma Integrated Rule Set (GitHub)
The infrastructure for management data and operations that enables local and remote management of Windows personal computers and servers
Matches rule Creation of an Executable by an Executable by frack113 at Sigma Integrated Rule Set (GitHub)
Detects the creation of an executable by another executable
https://www.virustotal.com/gui/file/ddb40e0762f4805d660523ebfadd3ce1d906bfa0f0c2a18db58fd6d4b30d3498/detection
Names
lemminx-win32.exe
sha256
ddb40e0762f4805d660523ebfadd3ce1d906bfa0f0c2a18db58fd6d4b30d3498