MemoryHeapSampleTotalUsedV8.MemoryHeapUsedV8.MemoryHeapCommittedmail.
String found in binary or memory: V8.MemoryExternalFragmentationTotalV8.MemoryHeapSampleTotalCommittedV8.

JA3 fingerprint: bc6c386f480ee97b9d9e52d472b772d8
Found strings which match to known social media urls
JA3 SSL client fingerprint seen in connection with other malware
0.26.exe

Code function: 0_2_004059CC GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,
Code function: 0_2_004065FD FindFirstFileW,FindClose,
Code function: 0_2_00402868 FindFirstFileW,

File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules\font-list\libs
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules\font-list
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\locales

Source: C:\Users\user\Desktop\PromptDog Setup 4.
Standard Non-Application Layer Protocol 1
Contains functionality to enumerate / list files inside a directory
Remotely Track Device Without Authorization
Report size getting too big, too many NtQueryVolumeInformationFile calls found.
Eavesdrop on Insecure Network Communication.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size exceeded maximum capacity and may have missing network information.
Report size exceeded maximum capacity and may have missing behavior information.
Excluded domains from analysis (whitelisted):, .net,, ,, ,.
Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe, CompatTelRunner.exe, svchost.exe.