This article describes how to list detections from an endpoint for the scan initiated from Palo Alto Networks Cortex™ XSOAR.
Base command
malwarebytes-get-scan-detectionsInput
| Argument name | Description | Required |
|---|---|---|
| job_id | The job ID of the initiated Scan actions only. | Required |
Context Output
| Path | Type | Description |
|---|---|---|
| Malwarebytes.Scan.Job_ID | string | The job-id of the initiated Scan/Isolation/Deisolation actions. |
| Malwarebytes.Scan.Status | string | The scan Status for the host. |
| Malwarebytes.Scan.Detections | string | Scan detections for the host. |
Command example
!malwarebytes-get-scan-detections job_id=931f63ca-e14f-43ad-85d2-3eb8236f1bddContext example
{
"Malwarebytes.Scan": {
"Status": "COMPLETED",
"Detections": [
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\CCOKDBVT\\MHTQR4AW1913.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\CCOKDBVT\\EKATI3479.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\CCOKDBVT\\5WRQN2VY9117.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\AMDSCQBK\\EKATI3234.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\RKSUGKK2\\EKATI1111.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\RKSUGKK2\\5IPWAWNR7377.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\REAQNH4P\\UWAEL22C6434.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\REAQNH4P\\GJL0GTPS2496.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\REAQNH4P\\EKATI5786.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\REAQNH4P\\AAWK4JEC6577.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\R5QH05OL\\EKATI5120.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\QJTCQTO5\\EKATI3976.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\QGZQD505\\EKATI6903.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\QDI3PGI1\\EKATI8011.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\PHVALVXM\\EKATI5172.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\PCHQV24F\\EKATI8221.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\PCHQV24F\\0LI1UX235485.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\OX4R0SZA\\EKATI6865.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\K2LXHNO1\\EKATI6770.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\K1UQJ5KL\\EKATI1034.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\JI4PZP0K\\EKATI5574.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\ICOWWYNX\\EKATI7940.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\HUOBVYD0\\EKATI8486.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\H0LKYXKH\\EKATI6183.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\ZWIZHTVD\\EKATI6050.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\ZAAN0543\\EKATI4385.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\YWDLSBOE\\EKATI7806.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\XXQBCKEL\\Y2YWHFY47970.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\XXQBCKEL\\HVAVEBY58253.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\XXQBCKEL\\EKATI6877.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\XDFR4BMU\\EKATI1611.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\X5IN24J2\\EKATI2562.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\X3DL34QB\\EKATI4718.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\WAWZXFJU\\EKATI3613.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\VAIVLV51\\EKATI2378.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FW3M1KTG\\NKWWQ5337273.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FW3M1KTG\\KQDYZ5DZ2805.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FW3M1KTG\\EKATI8812.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FNKI23QO\\EKATI9379.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FMULGDCG\\EKATI5361.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\EZ3VSVR0\\EKATI3626.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\DYEBLIJJ\\EKATI2757.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\DVM05IV0\\EKATI4168.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\DKI4HFKX\\EKATI2083.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\TXS354JE\\EKATI7864.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\TFDVXDEW\\EKATI3594.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\TCERNEHR\\EKATI3060.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\SSODDPVL\\EKATI3273.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\SK4GT55H\\NSMDWPVW1226.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\SK4GT55H\\EKATI6166.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\SJRCS2D5\\EKATI3838.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\S0RPYHDI\\EKATI1244.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\MDX3HHPZ\\EKATI7764.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\MA2EZOX5\\HURT2A3R4366.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\MA2EZOX5\\GVXQMXK04108.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\MA2EZOX5\\EKATI5862.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\LTMZR34O\\EKATI8397.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\5KE1T1MN\\EKATI3121.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\40ASYTIK\\EKATI2489.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\2VR0DR23\\EKATI9180.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\22PMRE41\\EKATI2935.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\1U0KTXL4\\EKATI4859.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.FileLocker",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\0TNNQOPO\\EKATI4374.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "arw",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Ransom.Ekati",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\0TNNQOPO\\CHLGY5ZD1037.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "Malware",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Generic.Malware/Suspicious",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\BIN3333.RAR",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "Malware",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "DDoSTool.Nitol",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\CCTV.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "PUP",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "PUP.Optional.Solimba",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\MICROSOFT OFFICE 2007 SERVICE PACK 2.EXE",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "Malware",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Trojan.ServStart",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\FCK_RSC.DUMP",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
},
{
"category": "Malware",
"status": "found",
"machine_name": "DESKTOP-664HFM6",
"reported_at": "2020-03-03T13:28:57.393772Z",
"threat_name": "Generic.Malware/Suspicious",
"path": "C:\\USERS\\ROHIN SAMBATH KUMAR\\DESKTOP\\2211.RAR",
"machine_id": "5074ade3-5716-44d8-83c7-5985379c0399",
"type": [
"file"
]
}
],
"Job_ID": "931f63ca-e14f-43ad-85d2-3eb8236f1bdd"
}
}
Return to the table of contents.