Skip to content

Commit

Permalink
Manually updating test to confirm issue
Browse files Browse the repository at this point in the history
  • Loading branch information
cccs-kevin committed Feb 5, 2024
1 parent b55efe3 commit 0887b71
Showing 1 changed file with 1 addition and 29 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -276,27 +276,6 @@
"title_text": "IOCs extracted by Box.js",
"zeroize_on_tag_safe": false
},
{
"auto_collapse": false,
"body": "rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var",
"body_config": {},
"body_format": "TEXT",
"classification": "TLP:C",
"depth": 1,
"heuristic": null,
"promote_to": null,
"tags": {
"dynamic": {
"process": {
"command_line": [
"rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var"
]
}
}
},
"title_text": "The script ran the following commands",
"zeroize_on_tag_safe": false
},
{
"auto_collapse": false,
"body": "C:\\ProgramData\\Trdce\\desired.dll",
Expand Down Expand Up @@ -491,7 +470,7 @@
"sha256": "4af7e12ad0e9238529121a173c6577a819f10a8c3c82226f372720fd04b04c8a"
},
{
"name": "boxjs_cmds.bat",
"name": "extracted_wscript.bat",
"sha256": "b20d210cb0e10059d191871493db534e3b2b95eb3d8ecb109734de2cb3446935"
}
],
Expand Down Expand Up @@ -588,13 +567,6 @@
}
],
"tags": {
"dynamic.process.command_line": [
{
"heur_id": null,
"signatures": [],
"value": "rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var"
}
],
"dynamic.process.file_name": [
{
"heur_id": null,
Expand Down

0 comments on commit 0887b71

Please sign in to comment.