Stat_version=1.0&product=2345Pic&main_ver=9.2&version=9.&data=[base64-encoded value]

POST /pic/cloud/cloud_install_switch.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded charset=UTF-8

data_version=1.0&client_data=[base64-encoded value]

GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1

- Maldun_Anomoly_Combined_Activities_7 (Spotted potential malicious behaviors from a small size target, like process manipultion, privilege, token and files)
- CNAME
- win_files_operation (Affect private profile)
- win_registry (Detected system registries modification function)
- escalate_priv (Detected escalate priviledges function)
- create_process (Detection function for creating a new process)
- screenshot (Detected take screenshot function)
- DebuggerTiming_Ticks (Detected timing ticks function)
- HasRichSignature (Detected Rich Signature)
- HasDigitalSignature (Detected Digital Signature)
- HasOverlay (Detected Overlay signature)
- IsWindowsGUI (Detected a Windows GUI sample)
- with_urls (Detected the presence of an or several urls)