quadqert.blogg.se

Jwoodies jdiskreport

a.sun.com/products/javahelp/helpset_1_0.
Source: java.exe, 00000002.00000002.2053577365.0066D000.00000004.sdmp
Binary or memory string: 6aq[Ljava/lang/VirtualMachineError
Binary or memory string: org/omg/CORBA/OMGVMCID.classPK
Binary or memory string: cjava/lang/VirtualMachineError
Binary or memory string: ,YITw5Au8x9b6nphytS6eYIi53n23SsqeMuJt1dJTtB4=
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)
Hooking and other Techniques for Hiding and Protection:
Static file information: File size 2343540 > 1048576
File opened: C:\Program Files\Java\jre1.8.0_144\bin\msvcr100.dll
Submission file is bigger than most known malware samples
Window detected: More than 3 window changes detected

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\ \InProcServer32
Found graphical window changes (likely an installer)
Uses an in-process (OLE) Automation server
Process created: C:\Program Files\Java\jre1.8.0_144\bin\java.exe 'C:\Program Files\Java\jre1.8.0_144\bin\java.exe' -javaagent:'C:\Users\SAMTAR~1\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\jdiskreport-1.4.1.jar'
0_144\bin\java.exe' -javaagent:'C:\Users\SAMTAR~1\AppData\Local\Temp\jartracer.jar' -jar 'C:\Users\user\Desktop\jdiskreport-1.4.1.
Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ''C:\Program Files\Java\jre1.8.
Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Section loaded: C:\Program Files\Java\jre1.8.0_144\bin\java.dll
Source: C:\Program Files\Java\jre1.8.0_144\bin\java.exe
File created: C:\Users\user\AppData\Roaming\JGoodies
File created: C:\Users\SAMTAR~1\AppData\Local\Temp\hsperfdata_user\3952
Key, Mouse, Clipboard, Microphone and Screen Capturing:
String found in binary or memory: ert.com
String found in binary or memory: a.sun.com/products/javahelp/toc_1_0.dtd
String found in binary or memory: a.sun.com/products/javahelp/map_1_0.dtd
String found in binary or memory: a.sun.com/products/javahelp/helpset_1_0.

String found in binary or memory: a.oracle.com/
String found in binary or memory: report.sun.
Number of analysed new started processes analysed:

#Jwoodies jdiskreport windows 7#

Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java.











