AMSI Module

The AMSI Module for FireEye Endpoint Security monitors and detects suspicious scripts utilizing the AMSI interface on Windows OS.

AMSI Module detects the execution of malicious scripts using AMSI interface to send script objects for additional FireEye Endpoint Security scan. An event with detection metadata is sent to Endpoint Security (HX) controller which will be viewable in Alerts page.

This TechPreview release of AMSI Module is supported on Endpoint Security 5.0.4 with xAgent v32.30.0 

Note: AMSI Module v1.1.0 will NOT work on Endpoint Security 5.0.3 (and lower) with xAgent v31 or lower. This is not a supported scenario. 

As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below. 

Authentication RequiredDownloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.

Module Info

Version:1.1.0
Last Updated:August 5, 2021
Platform:Windows
Requirements:Supported on Endpoint Security 5.0.4 with xAgent v32.30.0+
Size:42.59 MB
MD5:AD405CA7EE43490FD76E24AF3BA7D797
SHA1:BFE30A63E8E7C45CA4AA4E5E9B981C4079812C7E
SHA256:AAD86DB06B6ACF584648104D171369441BE82E2103F7F0DEA5FE0E6CDD945F55

Similar Apps

Endpoint Security Module
Endpoint Security Module
Endpoint Security Module
Endpoint Security Module