


Source Hybrid Analysis Technology relevance 1/10

Contains ability to find and load resources of a specific from inst_gf_popup.exe (PID: 2308)

Samba passwords are managed separately from your regular account password.

Possibly tries to detect the presence of a from inst_gf_popup.exe (PID: 2308) at 65515-2443-1007C910

Source Hybrid Analysis Technology relevance 10/10

Which is directly followed by "cmp eax, dword ptr " and "xor ecx, ebp".
Which is directly followed by "cmp eax, dword ptr " and "jl 00A42ECFh".
Which is directly followed by "cmp dword ptr, 05h" and "jbe 00A68730h".

"" (Access type: "CREATE" Path: "HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CTLS")

Contains ability to reboot/shutdown the operating system
Found API call (Target: "inst_gf_popup.exe" Stream UID: "00158078-00002308-1279-889-00A686E6")

"" (Access type: "CREATE" Path: "HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CRLS")
"" (Access type: "CREATE" Path: "HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES")
"" (Access type: "CREATE" Path: "HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED")
"" (Access type: "CREATE" Path: "HKCU\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CTLS")
"" (Access type: "CREATE" Path: "HKCU\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CRLS")
"" (Access type: "CREATE" Path: "HKCU\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES")
"" (Access type: "CREATE" Path: "HKCU\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED")

Source Hybrid Analysis Technology relevance 8/10

From inst_gf_popup.exe (PID: 2308) at 56536-4214-100BC060
