Xenocode virtual desktop windows 10
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows opened: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows\6.00.2900.2180\
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows opened: C:\Users\user\AppData\Local\Xenocode\
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows opened: C:\Users\user\AppData\Local\Xenocode\Sandbox\
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows function: 2_2_01002A96 _StringCopyWorker ngCatWorke FirstFileA ,lstrcmpA, _StringCop 2,lstrcmpA ,lstrcmpA, _StringCat ,_StringCa 2,SetFileAttributesA,DeleteFileA,FindNextFileA,FindClose,RemoveDirectoryA,
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows function: 2_2_003E1F90 CloseHandle,FindFirstFileW,FindNextFileW,CreateFileW,CreateFileMappingW,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,CloseHandle,CloseHandle,FindClose,GetLastError,CloseHandle,GetLastError,GetLastError,CloseHandle,FindClose,
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows function: 2_2_003BCDA9 push ecx ret
Contains functionality to enumerate / list files inside a directory
Code function: 1_2_002B1F90 CloseHandle,FindFirstFileW,FindNextFileW,CreateFileW,CreateFileMappingW,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,MapViewOfFile,UnmapViewOfFile,MapViewOfFile,CloseHandle,CloseHandle,FindClose,GetLastError,CloseHandle,GetLastError,GetLastError,CloseHandle,FindClose,
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows function: 2_2_003BBCE6 push ecx ret
Source: C:\Users\user\AppData\Local\Xenocode\Sandbox\Sistema operativo Microsoft Windows function: 2_2_003B55EB push ecx mov dword ptr, eax
Uses code obfuscation techniques (call, push, ret)
Code function: 1_2_0028BCE6 push ecx ret
Code function: 1_2_0028CDA9 push ecx ret
Code function: 1_2_002855EB push ecx mov dword ptr, eax
Code function: 1_2_68485579 push ecx ret
PE file contains sections with non-standard names
String found in binary or memory: cure.xenocode.com/Store?Action=VmPurchase&MachineSig=&PublisherSerial=t
Contains functionality to dynamically determine API calls
Code function: 1_2_002C20D4 LoadLibraryW,GetProcAddress,
String found in binary or memory: cure.xenocode.com/Store?Action=VmPurchase
String found in binary or memory: cure.xenocode.com/Store/ClientActivation.
String found in binary or memory: a.com/help a.com/help
String found in binary or memory: a.com/help
String found in binary or memory: file:///C:/Users/Sam%20Tarwell/Desktop/ggggg.EXEer
String found in binary or memory: file:///C:/Users/Sam%20Tarwell/Desktop/ggggg.EXE
Source: C:\Users\user\Desktop\3KPGbN7MNw.exe
Code function: 1_2_684735A0 InternetQueryDataAvailable,SetEvent,GetLastError,InternetReadFile,
Successful, ratio: 36.2% (good quality ratio 35.8%)
Contains functionality to download additional files from the internet.
Number of analysed new started processes analysed:
Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java.
Analysis Report
Overview
General Information
3KPGbN7MNw (renamed file extension from none to exe)