From 0887b715daf689be710263d89c965216416a244e Mon Sep 17 00:00:00 2001 From: cccs-kevin Date: Mon, 5 Feb 2024 20:16:19 +0000 Subject: [PATCH] Manually updating test to confirm issue --- .../result.json | 30 +------------------ 1 file changed, 1 insertion(+), 29 deletions(-) diff --git a/tests/results/14158b01bd923506175ac3398625464ce2ad91d2a7924237621280e27b49f116/result.json b/tests/results/14158b01bd923506175ac3398625464ce2ad91d2a7924237621280e27b49f116/result.json index 9c62810a..e3862ae7 100644 --- a/tests/results/14158b01bd923506175ac3398625464ce2ad91d2a7924237621280e27b49f116/result.json +++ b/tests/results/14158b01bd923506175ac3398625464ce2ad91d2a7924237621280e27b49f116/result.json @@ -276,27 +276,6 @@ "title_text": "IOCs extracted by Box.js", "zeroize_on_tag_safe": false }, - { - "auto_collapse": false, - "body": "rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var", - "body_config": {}, - "body_format": "TEXT", - "classification": "TLP:C", - "depth": 1, - "heuristic": null, - "promote_to": null, - "tags": { - "dynamic": { - "process": { - "command_line": [ - "rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var" - ] - } - } - }, - "title_text": "The script ran the following commands", - "zeroize_on_tag_safe": false - }, { "auto_collapse": false, "body": "C:\\ProgramData\\Trdce\\desired.dll", @@ -491,7 +470,7 @@ "sha256": "4af7e12ad0e9238529121a173c6577a819f10a8c3c82226f372720fd04b04c8a" }, { - "name": "boxjs_cmds.bat", + "name": "extracted_wscript.bat", "sha256": "b20d210cb0e10059d191871493db534e3b2b95eb3d8ecb109734de2cb3446935" } ], @@ -588,13 +567,6 @@ } ], "tags": { - "dynamic.process.command_line": [ - { - "heur_id": null, - "signatures": [], - "value": "rundll32 C:\\ProgramData\\Trdce\\desired.dll, HUF_inc_var" - } - ], "dynamic.process.file_name": [ { "heur_id": null,