ef1613f88744acec36908126b21bcba9ba775f8af25a1e86988e36985dd6f6fb (SHA256)
order ref ftp.exe
Created at 2018-10-16 10:55:00
Severity | Category | Operation | Classification | |
---|---|---|---|---|
4/5
|
Information Stealing | Reads browser data | - | |
|
||||
4/5
|
Injection | Writes into the memory of another running process | - | |
|
||||
4/5
|
Injection | Modifies control flow of another process | - | |
|
||||
3/5
|
Browser | Reads data related to saved browser credentials | - | |
|
||||
|
||||
2/5
|
Anti Analysis | Resolves APIs dynamically to possibly evade static detection | - | |
|
||||
2/5
|
Network | Associated with known malicious/suspicious URLs | - | |
|
||||
1/5
|
Process | Creates system object | - | |
|
||||
|
||||
|
||||
1/5
|
Process | Creates process with hidden window | - | |
|
||||
1/5
|
Process | Reads from memory of another process | - | |
|
||||
1/5
|
Process | Creates a page with write and execute permissions | - | |
|
||||
1/5
|
Network | Performs DNS request | - | |
|
||||
1/5
|
Network | Connects to remote host | - | |
|