ThreatSniper v.1.0.9.376

Kongo

Kongo

Level 35
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,492
Just found a thread about this tool on Wilders and thought it would be worth sharing here.

In a security incident, time is everything. ThreatSniper speeds up the initial investigation process by presenting the analyst with a wealth of relevant information in a streamlined, time-saving layout, rather than having to use the following tools and features separately:

● Task manager
● Netstat
● VirusTotal lookups (for both files and IP addresses)
● Whois
● Smart hostname lookups
● Air-gapped mode: use any smartphone to perform real-time malware checks on an air-gapped / offline machine
Click to expand...
Website: Metasudo
 
  • Like
  • Thanks
  • +Reputation
Reactions: Zartarra, Mikesierra, Dave Russo and 13 others
B

Back3

Level 14
Verified
Top Poster
Apr 14, 2019
658
Got it. Nice tool. Thanks
One security vendor flagged the exe as malicious in Virus Total!

Capture.PNG
 
Last edited:
  • Like
Reactions: Dave Russo, bayasdev, Venustus and 7 others
Stopspying

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Thanks for the heads up about this, this could be very useful. It would be even better if you could resize the window, it seems to be stuck on the default size.

I use MT far more than Wilders so I may well have missed this there, or perhaps I should spend more time there! SSShhh don't tell the mods here I said that! If anyone has a secret way to gain an extra few hours in each day I'd appreciate knowing what it is.
 
  • Like
  • HaHa
Reactions: Dave Russo, Venustus, roger_m and 5 others
Kongo

Kongo

Level 35
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,492
Stopspying said:
Thanks for the heads up about this, this could be very useful. It would be even better if you could resize the window, it seems to be stuck on the default size.

I use MT far more than Wilders so I may well have missed this there, or perhaps I should spend more time there! SSShhh don't tell the mods here I said that! If anyone has a secret way to gain an extra few hours in each day I'd appreciate knowing what it is.
Click to expand...
I just scroll through the latest replies on Wilders from time to time. MT is my home after all. 😄
 
  • Like
  • HaHa
Reactions: Dave Russo, Venustus, SeriousHoax and 4 others
Stopspying

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
CyberDevil said:
For some reason, it does not show data from VirusTotal. What am I doing wrong? :rolleyes:
View attachment 257777
Click to expand...

SecureKongo said:
Same for me with some processes...
Click to expand...
I had that happen to me when I first ran ThreatSniper. I checked my connections so I knew it wasn't them, I restarted the program and it connected to VirusTotal OK after that. Hope that works for you as well. Do your firewalls allow it to access the internet?
 
  • Like
  • Thanks
Reactions: Dave Russo, Venustus, SeriousHoax and 3 others
Kongo

Kongo

Level 35
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,492
Stopspying said:
I had that happen to me when I first ran ThreatSniper. I checked my connections so I knew it wasn't them, I restarted the program and it connected to VirusTotal OK after that. Hope that works for you as well. Do your firewalls allow it to access the internet?
Click to expand...
Doesn't help... I think I'll stick with System Explorer or Process Explorer. 😄
 
  • Like
  • Applause
Reactions: Dave Russo, Venustus, SeriousHoax and 3 others
Stopspying

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Stopspying said:
I had that happen to me when I first ran ThreatSniper. I checked my connections so I knew it wasn't them, I restarted the program and it connected to VirusTotal OK after that. Hope that works for you as well. Do your firewalls allow it to access the internet?
Click to expand...
The VirusTotal results that I get which suggest an issue (1/74) are all for security type programs - SpyShelter, CF, Windscribe, SurfShark, F-Secure and Threatsniper itself. Yes, there are two VPNs and two firewalls in that list, I swapped them over to see if anything was flagged from a second product after I saw that the first one had one negative result.
 
  • Like
Reactions: Dave Russo, Venustus, SeriousHoax and 1 other person
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,633
  • Like
Reactions: Zeitas, Stopspying, Venustus and 3 others

Similar threads

Bot
    • Like
Analysis of a targeted attack exploiting the WinRar CVE-2018-20250 vulnerability
Replies
4
Views
1,600
Microsoft Defender
Andrew3000
Andrew3000
Bot
    • Like
  • Locked
Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak
Replies
1
Views
1,401
Microsoft Defender
shmu26
shmu26
omidomi
    • Like
Kaspersky: ProjectSauron, aka Strider, rivals the most elite APTs in sophistication
Replies
1
Views
1,288
Malware Analysis Archive
_CyberGhosT_
_CyberGhosT_

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top