Hooking and other Techniques for Hiding and Protection:
Eavesdrop on Insecure Network Communication
Static PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Contains modern PE file flags such as dynamic base (ASLR) or NX
PE file contains a COM descriptor data directory
Joe Sandbox Cloud Basic: Detection: clean Score: 0
Process created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\4d87731fa95a402aa7507c43f270e5be.dll',#1
Found detection on Joe Sandbox Cloud Basic with higher score
Process created: C:\Windows\System32\loaddll32.
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Classification label: oj a DLL by calling functions
text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
text section and no other executable section
Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL