![]() Sample file is different than original file name gathered from version infoīinary or memory string: OriginalFi lename vs Foxit Phan tom.exe Static PE information: Resource n ame: RT_IC ON type: G LS_BINARY_ LSB_FIRST Process created: C:\Windows \SysWOW64\ WerFault.e xe C:\Wind ows\SysWOW 64\WerFaul t.exe -u - p 6288 -s 1160 Source: C:\Users\u ser\Deskto p\Foxit Ph antom.exeĬode function: 0_2_79BF1E 4C GetCurr entProcess ,NtProtect VirtualMem ory, text IMAGE _SCN_MEM_E XECUTE, IM AGE_SCN_ME M_WRITE, I MAGE_SCN_C NT_CODE, I MAGE_SCN_M EM_READĬontains functionality to call native functions foxitsoft /p df/phantom / w.foxitsof / pdf/reader /filepakwb adon-dema nd.de/red/ 2303/Inter netShortcu tURLeBay.u rlSoftware String found in binary or memory: p.thawte.c om0 String found in binary or memory: p.godaddy. ![]() com/addon/ query.php? name=isnew pluginmodu le_typetru eresultlev elregkeyur String found in binary or memory: nload.foxi tsoftware. String found in binary or memory: tificates. String found in binary or memory: 02.foxitso /pub/foxit /manual/en u/FoxitPha ntom21_Man ual.pdfPha ntom
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |