Spectra Assure
Community

Behaviors

List of software behaviors discovered with static code analysis.

Behavior | Category
Downloads a file. (x1) | network
Uses a Python script interpreter. (x10) | execution
Opens a TCP connection to a remote server. (x1) | network
Contains URLs that link to interesting file formats. (x20) | network
Contains URLs that link to raw files on GitHub. (x1) | network
Creates a process. (x5) | execution
Decodes hex or base64-encoded streams. (x1) | packer
Contains URLs with suspicious path components. (x1) | network
Contains URLs that use suspicious top-level domains. (x2) | network
Deletes a file/directory. (x10) | file