

Name RT_BITMAP RVA 0x3e3b8 Size 0x666 Type data Language English
Opens the Kernel Security Device Driver (KsecDD) of Windows
Pattern match: "Pattern match: "Heuristic match: " e.g.
Heuristic match: "engineCtrl = MODULE_PATH:opensc-pkcs11.so"
Heuristic match: "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRkWpgw%2BLqMW4OEGa%2BAXHumfxkGKgQUwHu0yLduVqcJSJr4ck%2FX1yQsNj4CEFWcjsGwXgakSTwTAn2cZ0M%3D HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Microsoft-CryptoAPI/6.1Host: "

Heuristic match: "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTYOkzrrCGQj08njZXbUQQpkoUmuQQUCHbNywf%2FJPbFze27kLzihDdGdfcCEGsyag8DKNN6HVML%2FSO9SOI%3D HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Microsoft-CryptoAPI/6.1Host: "
"openssl.exe" touched file "C:\Windows\Globalization\Sorting\s"
"openssl.exe" touched file "C:\Windows\System32\rsaenh.dll"
"" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\cversions.1.db"
"" touched file "%LOCALAPPDATA%\Microsoft\Windows\Caches"
"" touched file "C:\Windows\System32\en-US\"
"" touched file "C:\Windows\Globalization\Sorting\s"
"stunnel.html" has type "XML document text"
"nf" has type "UTF-8 Unicode (with BOM) text with CRLF line terminators"

"openssl.cnf" has type "ASCII text with CRLF line terminators" "modern-wizard.bmp" has type "PC bitmap Windows 3.x format 164 x 314 x 4" "ca-certs.pem" has type "UTF-8 Unicode text with CRLF line terminators" Reads information about supported languages "standalone="yes"?>Nullsoft Install System v3.0b0" (Indicator: "requestedExecutionLevel level="highestAvailable"")ĬRC value set in PE header does not match actual value "Nullsoft Install System v3.0b0" (Indicator: "requestedExecutionLevel level="highestAvailable"") Opens the MountPointManager (often used to detect additional infection locations) "uninstall.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows Nullsoft Installer self-extracting archive" "SimpleFC.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "libea圓2.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" "sslea圓2.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" "capi.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" "nsDialogs.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "UserInfo.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "openssl.exe" has type "PE32 executable (console) Intel 80386 for MS Windows" "stunnel.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows" "System.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "pkcs11.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"

"padlock.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows"
