AMSI Module
The AMSI Module for FireEye Endpoint Security monitors and detects suspicious scripts utilizing the AMSI interface on Windows OS.
AMSI Module detects the execution of malicious scripts using AMSI interface to send script objects for additional FireEye Endpoint Security scan. An event with detection metadata is sent to Endpoint Security (HX) controller which will be viewable in Alerts page.
This TechPreview release of AMSI Module is supported on Endpoint Security 5.0.4 with xAgent v32.30.0
Note: AMSI Module v1.1.0 will NOT work on Endpoint Security 5.0.3 (and lower) with xAgent v31 or lower. This is not a supported scenario.
As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
Downloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.
Support
| Developer: | FireEye |
| Supported By: | FireEye |
| Contact: | |
| Resources: | Endpoint Security AMSI v1.1.0 User Guide |
| Endpoint Security AMSI v1.1.0 Release Notes | |
| FireEye Endpoint Security Products Page |
Module Info
| Version: | 1.1.0 |
| Last Updated: | August 5, 2021 |
| Platform: | Windows |
| Requirements: | Supported on Endpoint Security 5.0.4 with xAgent v32.30.0+ |
| Size: | 42.59 MB |
| MD5: | AD405CA7EE43490FD76E24AF3BA7D797 |
| SHA1: | BFE30A63E8E7C45CA4AA4E5E9B981C4079812C7E |
| SHA256: | AAD86DB06B6ACF584648104D171369441BE82E2103F7F0DEA5FE0E6CDD945F55 |