text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
text section and no other executable section
Mutant created: \Sessions\1\BaseNamedObjects\Q-DIR-GUID
Sample file is different than original file name gathered from version info
Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Static PE information: Resource name: RT_BITMAP type: GLS_BINARY_LSB_FIRST

Static PE information: Resource name: ZIP type: Zip archive data (empty)
PE file contains executable resources (Code or Archives)
Source: C:\Users\user\Desktop\Q-Dir.exe
Key, Mouse, Clipboard, Microphone and Screen Capturing:
Creates files inside the system directory

String found in binary or memory: /CPS0D
String found in binary or memory: /CPS0C
softwareok.com/?seite=faq-Find.Same.Images.OK&faq=0
SoftwareOK.de/?seite=Freeware/Q-Dir/History
SoftwareOK.com/?seite=Freeware/Q-Dir/History
String found in binary or memory: m/?seite=faq-Q-DIR&faq=0
String found in binary or memory: m/?seite=Freeware/Q-Dir/History
String found in binary or memory: p.sectigo.
sectigo.com/SectigoRSATimeStampingCA.crt0#
sectigo.com/SectigoRSACodeSigningCA.crt0#
sectigo.com/SectigoRSATimeStampingCA.crl0t
sectigo.com/SectigoRSACodeSigningCA.crl0s
Remotely Track Device Without Authorization

Eavesdrop on Insecure Network Communication