#5639 [Huntress Detection] LOW - Incident on KLAW-Cathy (CK Legal Services, PLLC)

Status: Resolved; Created: Jun 15, 2020, 2:26 PM; Resolved: Mar 11, 2021, 1:53 AM
Huntress (internal) Jun 15, 2020, 2:26 PM
Huntress detected the following Malware Artifacts on one of your managed hosts:

- This is an artifact from persistent malware. The executable file has been removed, but the persistence mechanism used to start it is still present.

Considering the low risk posed, you can follow the below remediation guidance at your convenience.

Host: KLAW-Cathy - https://artichoke.huntress.io/org/48375/agents/951344
Organization: CK Legal Services, PLLC
Tags: None
Security Products: Windows Defender, Bitdefender

Remediation Instructions
------------------------
To remediate, perform the actions below:

- Remove the "c:/users/cathy/temp/wedtgjl4.vbs" file and ensure it is not recreated.

Footholds
---------
Foothold 1 - https://artichoke.huntress.io/org/48375/autoruns/5098163
Startup Path: c:/users/cathy/temp/wedtgjl4.vbs
Command: c:/users/cathy/temp/wedtgjl4.vbs
File Path: c:/users/cathy/temp/wedtgjl4.vbs
VirusTotal Detections: 0 / 0 - https://www.virustotal.com/#/file/920062be50d4679cf84e5027089c9260638047ec76a65da62211daf06a9a6fda

Thanks again for trusting Huntress and please don't hesitate to reach out to [email protected] if you have any questions.