String found in binary or memory: .sy 07 String found in binary or memory: crl.ws.sym / tss-ca-g2. String found in binary or memory: aia.ws.sym / tss-ca-g2. String found in binary or memory: p.thawte.c om0 String found in binary or memory: p.digicert. String found in binary or memory: s.python.o rg/ String found in binary or memory: 4.digicert. String found in binary or memory: 3.digicert. String found in binary or memory: erts.digic ert.com/Di giCertSHA2 AssuredIDC odeSigning CA.crt0 String found in binary or memory: erts.digic ert.com/Di giCertAssu redIDRootC A.crt0 String found in binary or memory: syndicatio n.org/2006 /appsynapp licationap uputil.cpp upgradeexc lusivetrue enclosured igestalgor String found in binary or memory: syndicatio n.org/2006 /appsyn 2.exeĬode function: 2_2_731B0B 9B GetFile Attributes W,GetLastE rror,GetLa stError,Se tFileAttri butesW,Get LastError, GetTempPat hW,GetLast Error,Find FirstFileW ,GetLastEr ror,SetFil eAttribute sW,DeleteF ileW,GetTe mpFileName W,MoveFile ExW,MoveFi leExW,Move FileExW,Fi ndNextFile W,GetLastE rror,GetLa stError,Ge tLastError ,GetLastEr ror,Remove DirectoryW ,GetLastEr ror,MoveFi leExW,GetL astError,F indClose, Source: C:\Windows \Temp\\.cr\p ython-3.8. 8.2.exeĬode function: 0_2_009BA0 BB Decrypt FileW,Ĭode function: 0_2_009DFA 62 CryptAc quireConte xtW,GetLas tError,Cry ptCreateHa sh,GetLast Error,Cryp tHashData, ReadFile,G etLastErro r,CryptDes troyHash,C ryptReleas eContext,G etLastErro r,CryptGet HashParam, GetLastErr or,SetFile PointerEx, GetLastErr or,Ĭode function: 0_2_009B9E 9E Decrypt FileW,Decr yptFileW, Source: C:\Users\u ser\Deskto p\python-3.
Uses Microsoft's Enhanced Cryptographic Provider Remotely Track Device Without Authorizationĭeobfuscate/Decode Files or Information 1Įxfiltration Over Command and Control Channel Eavesdrop on Insecure Network Communication
0 kommentar(er)
