Easybee vim

6/1/2023

Reads information about supported languages

An adversary may gather the system time and/or time zone from a local or remote system.

Contains ability to query local/system time

Adversaries may attempt to gather information about attached peripheral devices and components connected to a computer system.

An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

Contains ability to read software policies

Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment.

Adversaries may use Valid Accounts to log into a computer using the Remote Desktop Protocol (RDP).

Installs hooks/patches the running process

Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.

Report generated by Falcon Sandbox v8.49.7 © Hybrid Analysis

Adversaries may perform software packing or virtual machine software protection to conceal their code.

Adversaries may employ various means to detect and avoid virtualization and analysis environments.

Adversaries may hook into Windows application programming interface (API) functions to collect user credentials.

Guest System: Windows 7 32 bit, Professional, 6.1 (build 7601), Service Pack 1

This report is generated from a file or URL submitted to this webservice on November 19th 2021 22:58:12 (UTC)

Threat Score: 100/100

AV Detection: 75%

Labeled as: #abaddonpos