sqlite_mas ter WHERE name='sql ite_sequen ce' īinary or memory string: INSERT INT O %Q.%s VA LUES('inde x',%Q,%Q,# %d,%Q) ' || quote (name) || ' SELECT * FROM main. SQL strings found in memory and binary dataīinary or memory string: SELECT 'IN SERT INTO vacuum_db. Key opened: HKEY_CURRE NT_USER\So ftware\Pol icies\Micr osoft\Wind ows\Safer\ CodeIdenti fiers text IMAGE _SCN_MEM_E XECUTE, IM AGE_SCN_CN T_CODE, IM AGE_SCN_ME M_READ text section and no other executable section Static PE information: 32BIT_MACH INE, EXECU TABLE_IMAG EĬlassification label: mal52.evad functionality for error loggingĬode function: 1_2_003283 50 GetLast Error,Form atMessageW ,FormatMes sageA,Loca lFree, 00020000.s dmpīinary or memory string: OriginalFi lenameProd uctKeyFind er.exeF vs Xp0PcRVWx H.exe Sample file is different than original file name gathered from version info Static PE information: Resource n ame: RT_IC ON type: G LS_BINARY_ LSB_FIRST Source: C:\Users\u ser\Deskto p\Xp0PcRVW xH.exeįound potential string decryption / allocating functionsĬode function: String fun ction: 003 87EC0 appe ars 537 ti mesĬode function: String fun ction: 003 25CD0 appe ars 61 tim esĬode function: String fun ction: 003 253A0 appe ars 69 tim esĬode function: String fun ction: 003 8A6B0 appe ars 531 ti mesĬode function: String fun ction: 003 25DD0 appe ars 37 tim es
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |