bricknas.blogg.se

Static PE information: data direc tory type: IMAGE_DIR ECTORY_ENT RY_DEBUG Static PE information: data direc tory type: IMAGE_DIR ECTORY_ENT RY_BASEREL OC Static PE information: data direc tory type: IMAGE_DIR ECTORY_ENT RY_RESOURC E Static PE information: data direc tory type: IMAGE_DIR ECTORY_ENT RY_IMPORT PE file contains a mix of data directories often seen in goodware Key opened: HKEY_CURRE NT_USER\So ftware\Pol icies\Micr osoft\Wind ows\Safer\ CodeIdenti fiers text IMAGE _SCN_MEM_E XECUTE, IM AGE_SCN_CN T_CODE, IM AGE_SCN_ME M_READ text section and no other executable section Static PE information: Resource n ame: RT_IC ON type: G LS_BINARY_ LSB_FIRST Source: C:\Users\u ser\Deskto p\Adobe Ge nuine Help er.exeįound potential string decryption / allocating functionsĬode function: String fun ction: 012 46A1E appe ars 66 tim esĬode function: String fun ction: 012 454D0 appe ars 34 tim esĬode function: String fun ction: 012 278D0 appe ars 42 tim es Key, Mouse, Clipboard, Microphone and Screen Capturing: String found in binary or memory: w.digicert. String found in binary or memory: / rpa0. String found in binary or memory: / cps0% String found in binary or memory: .sy 0 String found in binary or memory: crl.ws.sym / sha256-tss -ca.crl0 String found in binary or memory: aia.ws.sym / sha256-tss -ca.cer0( String found in binary or memory: ts/ClientR enderer.Fo cusedNodeC hanged String found in binary or memory: /u niversal-r oot.crl0 String found in binary or memory: p.digicert. String found in binary or memory: 4.digicert. com/DigiC ertHighAss uranceEVRo otCA.crl0 String found in binary or memory: 3.digicert. String found in binary or memory: erts.digic ert.com/Di giCertHigh AssuranceE VRootCA.cr t0 String found in binary or memory: erts.digic ert.com/Di giCertEVCo deSigningC A-SHA2.crt 0

Stop behavior analysis, all processes terminated.Found application associated with file extension.Successful, ratio: 99.7% (good quality ratio 86.9%).Number of analysed new started processes analysed: