I don't know if I mentioned this before, but please consider using THOR Lite because - as the README states - this project is not actively maintained anymore.
Executing the following command:
loki.exe -p "Q:\pid" --force --csv --logfolder "C:\Users\xxxxx\Downloads\loki_0.51.0\loki\loggy" --onlyrelevant --allreasons --intense --vulnchecks --scriptanalysis --noprocscan > C:\Users\xxxxx\Downloads\loki_0.51.0\loki\loggy\scan_results.csv
The data appended to the CSV is weird with this command, but some warning data is valid, as follows:
�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-20241030T09:22:00Z,DESKTOP-C8NKLVR,WARNING,FILE: Q:\pid\4\vmemd\0xffffb001f4980000.vmem SCORE: 60 TYPE: UNKNOWN SIZE: 524288 FIRST_BYTES: 75794d4c305a060a2b06010401823702010c314c / <filter object at 0x000002D4AA7C8EE0> MD5: 9220b0b1206a00b875e593fafe43db42 SHA1: ec60207104188d62e91e529b2cb6ab17f822b96f SHA256: c08470cfc55ba1737ceb806d5c9e983537b11a4ccc33eee7e618a034f9bff670 CREATED: Wed Oct 30 09:23:02 2024 MODIFIED: Wed Oct 30 09:23:02 2024 ACCESSED: Wed Oct 30 09:23:02 2024 REASON_1: Yara Rule MATCH: CoinMiner_Strings SUBSCORE: 60 DESCRIPTION: Detects mining pool protocol string in Executable REF: https://minergate.com/faq/what-pool-address AUTHOR: Florian Roth (Nextron Systems) MATCHES: $sa1: 'stratum+tcp://'
�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/�-�\�|�/
The weird characters are in the first column of the CSV.
Thanks
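One way to recover the valid rows from a redirected output file like the one in this report, as an added example that is not part of the original issue or of Loki's own code. It assumes each log row starts with the `timestamp,hostname,level,message` layout shown above; the sample input (host name, path, and the backspace byte used as residue) is constructed.

```python
import re

# Row layout seen in the report: timestamp,hostname,level,message
ROW_START = re.compile(r"\d{8}T\d{2}:\d{2}:\d{2}Z,")
# "KEY: value" pairs inside the message column (FILE:, SCORE:, MATCH:, ...)
FIELD = re.compile(r"\b([A-Z][A-Z0-9_]*): (.*?)(?= [A-Z][A-Z0-9_]*: |$)")


def clean_rows(text):
    """Drop progress-indicator residue and return the parsed log rows."""
    rows = []
    for line in text.splitlines():
        start = ROW_START.search(line)
        if start is None:
            continue  # residue only, no log row on this line
        # Everything before the first timestamp is residue; the message
        # column may contain commas, so split at most three times.
        parts = line[start.start():].split(",", 3)
        if len(parts) != 4:
            continue
        timestamp, host, level, message = parts
        rows.append({
            "timestamp": timestamp,
            "host": host,
            "level": level,
            "message": message,
            "fields": dict(FIELD.findall(message)),
        })
    return rows


# Constructed sample: spinner glyphs separated by an assumed backspace byte,
# followed by rows in the layout shown in the report.
SAMPLE = (
    "\x08-\x08\\\x08|\x08/\x08-20241030T09:22:00Z,HOST01,WARNING,"
    "FILE: C:\\sample\\a.vmem SCORE: 60 TYPE: UNKNOWN "
    "REASON_1: Yara Rule MATCH: CoinMiner_Strings SUBSCORE: 60\n"
    "\x08\\\x08|\x08/\x08-\n"
    "20241030T09:22:05Z,HOST01,INFO,Scan finished\n"
)

if __name__ == "__main__":
    for row in clean_rows(SAMPLE):
        print(row["timestamp"], row["level"], row["fields"].get("MATCH", ""))
```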