PeStudio - static analysis of compiled C++ and flag anomalies in the binary. $string1 = " urn:schemas-microsoft-com:asm.v3 " (open) vssadmin.exe delete shadows /all /Quiet Performed the following DNS requests:Ĭ:\Documents and Settings\\Application Data\wqkdy-bc.exe:Zone.IdentifierĬ:\WINDOWS\system32\vssadmin.exe" delete shadows /all /Quiet "īcdedit.exe /set recoveryenabled off USER AGENT: Mozilla/5.0 (Windows NT 6.3 WOW64 Trident/7.0 Touch rv:11.0) like Gecko Construction and evaluation of the new heuristic malware detection mechanism based on executable files static analysis Kozachok, A. C:\Documents and Settings\\My Documents\recover_file_yemaesylm.txt.
C:\Documents and Settings\\Application Data\wqkdy-bc.exe.
0 kommentar(er)
