"" touched file "%WINDIR%\system32\netmsg.dll"
"" touched file "%WINDIR%\system32\en-US\" "" touched file "%WINDIR%\system32\OLEACCRC.DLL" For authorized use only", OU=VeriSign Trust Network, O="VeriSign The input sample is signed with a certificate issued by "CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign
Analiza rmn pret code#
The input sample is signed with a certificate issued by "CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US" (SHA1: 2C:0F:68:01:37:05:1A:E2:7B:59:A4:C3:A7:4A:6F:37:B7:22:87:28 see report for more information) The input sample is signed with a certificate issued by "CN=Symantec Time Stamping Services CA - G2, O=Symantec Corporation, C=US" (SHA1: 65:43:99:29:B6:79:73:EB:19:2D:6F:F2:43:E6:76:7A:DF:08:34:E4 see report for more information) The input sample is signed with a certificate issued by "CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA" (SHA1: 6C:07:45:3F:FD:DA:08:B8:37:07:C0:9B:82:FB:3D:15:F3:53:36:B1 see report for more information) Possibly tries to detect the presence of a debugger Source Hybrid Analysis Technology relevance 10/10 Which is directly followed by "cmp al, 04h" and "jc 0044E01Ch".
Which is directly followed by "cmp ax, 00000601h" and "jc 004CC2A7h". Which is directly followed by "cmp ax, 0005h" and "jc 0048006Bh". Which is directly followed by "cmp ax, 0005h" and "jnc 004B8AAFh". Which is directly followed by "cmp edx, 05h" and "jne 00408E03h". Which is directly followed by "cmp ax, 00000600h" and "je 0041112Bh". Which is directly followed by "cmp edx, 05h" and "jne 0040648Bh".
0 kommentar(er)
