May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) Source: Amcache.hv e.4.drīinary or memory string: VMware Vir tual USB M ouseīinary or memory string: VMware20,1 Amcache.hv e.4.drīinary or memory string: c:\windows \system32\ driverstor e\filerepo sitory\vmc i.inf_amd6 4_68ed4946 9341f563īinary or memory string: Ascsi/cdro m&ven_necv mwar&prod_ vmware_sat a_cd00/4&2 24f42ef&0& 000000īinary or memory string. Process information set: NOOPENFILE ERRORBOX Source: C:\Windows \SysWOW64\ WerFault.e xe Process information set: FAILCRITIC ALERRORS | NOGPFAULT ERRORBOX Disables application error messsages (SetErrorMode) Source: C:\Windows \SysWOW64\ WerFault.e xe
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |