CLEANED status
Nova malware family
HIGH severity
Endpoint Behavioral Guard triggered by
c:\windows\system32\reg.exe trigger
infostealer.win.clipper.a protection name
IEUser local user
ATTACK STATS
What sort of connections and processes were involved?
1 Unclassified Connections
1 Suspicious Processes
4 Suspicious Files
1 Script Processes
ENTRY POINT
How did it enter the system?
Incident started through vmtoolsd.exe
REMEDIATION
Were all incident-created elements removed?
Terminated processes: 100% (165/165)
Quarantined/Deleted files: 100% (21/21)