Binary or memory string: OriginalFilenameuser32j% vs SpaceSniffer.
Binary or memory string: \1.0%i%i%i%i.%i%i%i%i.ProductNameProductVersionOriginalFilenameFileDescriptionFileVersionCompanyNameLegalCopyrightLegalTrademarksInternalNamePrivateBuildSpecialBuildComments\\VarFileInfo\Translation\StringFileInfo\\ vs SpaceSniffer.exe
Binary or memory string: OriginalFilenamecomcUIj% vs SpaceSniffer.

Sample file is different than original file name gathered from version info
Binary or memory string: OriginalFilename vs SpaceSniffer.exe

Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST

Source: C:\Users\user\Desktop\SpaceSniffer.exe
Code function: 1_2_0055D65C FindFirstFileW,FindClose,
Code function: 1_2_0055D03C GetModuleHandleW,GetProcAddress,lstrcpynW,lstrcpynW,lstrcpynW,FindFirstFileW,FindClose,lstrlenW,lstrcpynW,lstrlenW,lstrcpynW,
Code function: 1_2_0053F2D0 FindFirstFileW,FindClose,
Code function: 1_2_004386C0 _frmConfig,Wow64DisableWow64FsRedirection,Sleep,FindFirstFileExW,FindFirstFileExW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,Sleep,GetLastError,_frmConsole,

Contains functionality to query local drives
Code function: 1_2_0042035C GetLogicalDrives,GetLogicalDriveStringsA,GetDriveTypeA,GetVolumeInformationA,

Found potential string decryption / allocating functions
Code function: String function: 005B7E88 appears 55 times
Code function: String function: 005B2D10 appears 49 times
Code function: String function: 005B6FD0 appears 158 times

Contains functionality to enumerate / list files inside a directory