Soc138 Detected Suspicious Xls File

Soc138 Detected Suspicious Xls File


LetsDefend

ssh_command.

Buscamos la ip en el administrador de logs.

ssh_command.

ssh_command.

https://www.virustotal.com/gui/file/7bcd31bd41686c32663c7cabf42b18c50399e3b3b4533fc2ff002d9f2e058813/details

ssh_command.

Vemos los resultados:

ssh_command.

A la mano derecha le damos click a crear un caso ’>>’

ssh_command.

ssh_command.

Escogemos la primera opcion ‘Unknown or unexpected outgoing internet traffic.’

Le damos click a Next.

ssh_command.

Le damos click a Not quarantined.

ssh_command.

Le damos click a Malicious.

ssh_command.

Le damos click a Accessed.

ssh_command.

Le damos click a Next.

ssh_command.

Le damos click a Next.

ssh_command.

Le damos click a Next.

ssh_command.

Cerramos el caso.

ssh_command.

© 2026 Cu3rv0x