
You are viewing: Processchecker

Threat Score: 85/100
AV Detection: Marked as clean
Labeled as: No error

This report is generated from a file or URL submitted to this webservice on December 25th 2019 03:24:17 (UTC)
Guest System: Windows 7 32 bit, Professional, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v8.30 © Hybrid Analysis

Remote Access: Reads terminal service related keys (often RDP related)
Persistence: Writes data to a remote process
Fingerprint: Queries kernel debugger information; Queries sensitive IE security settings; Reads the active computer name; Reads the cryptographic machine GUID
Evasive: Marks file for deletion
Spreading: Opens the MountPointManager (often used to detect additional infection locations); Tries to access unusual system drive letters
This report has 27 indicators that were mapped to 17 attack techniques and 8 tactics.
Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
Drive-by Compromise AppleScript .bash_profile and .bashrc Access Token Manipulation Access Token Manipulation Account Manipulation Account Discovery AppleScript Audio Capture Commonly Used Port Automated Exfiltration Data Destruction
Exploit Public-Facing Application CMSTP Accessibility Features Accessibility Features Binary Padding Bash History Application Window Discovery Application Deployment Software Automated Collection Communication Through Removable Media Data Compressed Data Encrypted for Impact
External Remote Services Command-Line Interface Account Manipulation AppCert DLLs BITS Jobs Brute Force Browser Bookmark Discovery Distributed Component Object Model Clipboard Data Connection Proxy Data Encrypted Defacement
Hardware Additions Compiled HTML File AppCert DLLs AppInit DLLs Bypass User Account Control Credential Dumping Domain Trust Discovery Exploitation of Remote Services Data from Information Repositories Custom Command and Control Protocol Data Transfer Size Limits Disk Content Wipe
Replication Through Removable Media Control Panel Items AppInit DLLs Application Shimming Clear Command History Credentials in Files File and Directory Discovery
Logon Scripts Data from Local System Custom Cryptographic Protocol Exfiltration Over Alternative Protocol Disk Structure Wipe
Spearphishing Attachment Dynamic Data Exchange Application Shimming Bypass User Account Control CMSTP Credentials in Registry Network Service Scanning Pass the Hash Data from Network Shared Drive Data Encoding Exfiltration Over Command and Control Channel Endpoint Denial of Service
Spearphishing Link Execution through API Authentication Package DLL Search Order Hijacking Code Signing
Exploitation for Credential Access Network Share Discovery Pass the Ticket Data from Removable Media Data Obfuscation Exfiltration Over Other Network Medium Firmware Corruption
Spearphishing via Service Execution through Module Load BITS Jobs Dylib Hijacking Compile After Delivery Forced Authentication Network Sniffing Remote Desktop Protocol
Data Staged Domain Fronting Exfiltration Over Physical Medium Inhibit System Recovery
Supply Chain Compromise Exploitation for Client Execution Bootkit Exploitation for Privilege Escalation Compiled HTML File Hooking


Domain Generation Algorithms Scheduled Transfer Network Denial of Service
Trusted Relationship Graphical User Interface Browser Extensions Extra Window Memory Injection Component Firmware Input Capture Peripheral Device Discovery
Remote Services Input Capture Fallback Channels Resource Hijacking
Valid Accounts InstallUtil Change Default File Association File System Permissions Weakness Component Object Model Hijacking Input Prompt Permission Groups Discovery Replication Through Removable Media Man in the Browser Multi-hop Proxy Runtime Data Manipulation
Launchctl Component Firmware Hooking
Control Panel Items Kerberoasting Process Discovery Shared Webroot Screen Capture Multi-Stage Channels Service Stop
Local Job Scheduling Component Object Model Hijacking Image File Execution Options Injection DCShadow Keychain Query Registry
SSH Hijacking Video Capture Multiband Communication Stored Data Manipulation
LSASS Driver Create Account Launch Daemon Deobfuscate/Decode Files or Information LLMNR/NBT-NS Poisoning and Relay Remote System Discovery Taint Shared Content Multilayer Encryption Transmitted Data Manipulation
Mshta DLL Search Order Hijacking New Service Disabling Security Tools Network Sniffing Security Software Discovery Third-party Software Port Knocking
PowerShell Dylib Hijacking Path Interception DLL Search Order Hijacking Password Filter DLL System Information Discovery Windows Admin Shares Remote Access Tools
Regsvcs/Regasm External Remote Services Plist Modification DLL Side-Loading Private Keys System Network Configuration Discovery Windows Remote Management Remote File Copy
Regsvr32 File System Permissions Weakness Port Monitors Execution Guardrails Securityd Memory System Network Connections Discovery Standard Application Layer Protocol
Rundll32 Hidden Files and Directories Process Injection
Exploitation for Defense Evasion Two-Factor Authentication Interception System Owner/User Discovery Standard Cryptographic Protocol
Scheduled Task Hooking
Scheduled Task Extra Window Memory Injection System Service Discovery Standard Non-Application Layer Protocol
Scripting Hypervisor Service Registry Permissions Weakness File Deletion
Image File Execution Options Injection Setuid and Setgid File Permissions Modification Virtualization/Sandbox Evasion Web Service
Signed Binary Proxy Execution Kernel Modules and Extensions
SID-History Injection File System Logical Offsets
Signed Script Proxy Execution Launch Agent Startup Items Gatekeeper Bypass
Source Launch Daemon Sudo Group Policy Modification
Space after Filename Launchctl Sudo Caching Hidden Files and Directories
Third-party Software LC_LOAD_DYLIB Addition Valid Accounts Hidden Users
Trap Local Job Scheduling Web Shell Hidden Window
Trusted Developer Utilities Login Item HISTCONTROL
User Execution Logon Scripts Image File Execution Options Injection
Windows Management Instrumentation LSASS Driver Indicator Blocking
Windows Remote Management Modify Existing Service Indicator Removal from Tools
XSL Script Processing Netsh Helper DLL Indicator Removal on Host
New Service Indirect Command Execution
Office Application Startup Install Root Certificate
Path Interception InstallUtil
Plist Modification Launchctl
Port Knocking LC_MAIN Hijacking
Port Monitors Masquerading
Rc.common Modify Registry
Re-opened Applications Mshta
Redundant Access Network Share Connection Removal
Registry Run Keys / Startup Folder NTFS File Attributes
Scheduled Task Obfuscated Files or Information
Screensaver Plist Modification
Security Support Provider Port Knocking
Service Registry Permissions Weakness Process Doppelgänging
Setuid and Setgid Process Hollowing
Shortcut Modification Process Injection
SIP and Trust Provider Hijacking Redundant Access
Startup Items Regsvcs/Regasm
System Firmware Regsvr32
Systemd Service Rootkit
Time Providers Rundll32
Trap Scripting
Valid Accounts Signed Binary Proxy Execution
Web Shell Signed Script Proxy Execution
Windows Management Instrumentation Event Subscription SIP and Trust Provider Hijacking
Winlogon Helper DLL Software Packing
Space after Filename
Template Injection
Trusted Developer Utilities
Valid Accounts
Virtualization/Sandbox Evasion
Web Service
XSL Script Processing
Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
Service Execution