Task registration methods: 'CreateRoundRectRgn'
Source: TaskbarX.exe, TaskbarX/Win32.cs
Sample might require command line arguments
Classification label: sus25.evad
source code contains functionality to register a task
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\\InprocServer32
Uses an in-process (OLE) Automation server
Joe Sandbox Cloud Basic: Detection: clean Score: 0 dll
Found detection on Joe Sandbox Cloud Basic with higher score
Parts of this applications are using the.
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
text section and no other executable section
Source: C:\Users\user\Desktop\TaskbarX.
Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Sample file is different than original file name gathered from version info
Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE