Source: C:\Users\user\Downloads\Restore-My-Files.exe PID: 5160, type: MEMORYSTR
File source: Process Memory Space: winlogon.exe PID: 8528, type: MEMORYSTR
File source: Process Memory Space: winlogon.exe PID: 10348, type: MEMORYSTR
File source: Process Memory Space: winlogon.exe PID: 6832, type: MEMORYSTR
File source: Process Memory Space: winlogon.
String found in binary or memory: cc.io/X8GRzsw.gif
String found in binary or memory: /okfn/annotator/blob/master/LICENSE
String found in binary or memory: /okfn/annotator/
String found in binary or memory: de.jquery.
String found in binary or memory: emas.xmlsoap.org/ws/2005/05/identity/claims/name
String found in binary or memory: i-locker.one/index.phpq
String found in binary or memory: i-locker.one/index.php5
String found in binary or memory: i-locker.one/index.php
String found in binary or memory: eb/sites/ISSEngineering/EngFun/SitePages/Home.aspx 0 exe
Code function: 0_2_056ACC78 FindFirstFileW,
Code function: 0_2_056ACC6E FindFirstFileW,
Code function: 18_2_038DACC0 FindFirstFileW,
Code function: 18_2_038DACB5 FindFirstFileW,
File opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
File opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
File opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\
File opened: C:\Users\user\AppData\Roaming\Microsoft\
Source: C:\Users\user\Desktop\winlogon.
Machine Learning detection for dropped file
Contains functionality to enumerate / list files inside a directory
Source: C:\Windows\SysWOW64\winlogon.exe
Source: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\winlogon.exe
Source: C:\Users\user\AppData\Roaming\winlogon.exe
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.exe
Multi AV Scanner detection for dropped file exe
Avira: detection malicious, Label: HEUR/AGEN.1139796
Source: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\winlogon.
Multi AV Scanner detection for submitted file
Antivirus / Scanner detection for submitted sample