

String found in binary or memory: p.int-An

String found in binary or memory: g.trustid.

String found in binary or memory: t.int-x3.letsencrypt.

String found in binary or memory: s.identrust.com/roots/dstrootcax3.p7c0

Source: C:\Users\user\Desktop\iaiid.exe

Code function: 0_2_010445E0 CreateToolhelp32Snapshot,CloseHandle,Process32FirstW,OpenProcess,GetPriorityClass,GetExitCodeProcess,TerminateProcess,WaitForSingleObject,CloseHandle,Process32NextW,CloseHandle,CloseHandle,_wcsrchr,CreateDirectoryW,Sleep,Sleep,DeleteUrlCacheEntryW,URLDownloadToFileW,PathFileExistsW,Sleep,

DNS traffic detected: queries for: count.cm

JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19

Contains functionality to download additional files from the internet

JA3 SSL client fingerprint seen in connection with other malware

Standard Non-Application Layer Protocol 1

Exfiltration Over Command and Control Channel

Remotely Track Device Without Authorization

Deobfuscate/Decode Files or Information 1

Eavesdrop on Insecure Network Communication
