Which is directly followed by "cmp dword ptr, 01h" and "jne 0040F886h".

See related instructions: ".+139 call dword ptr GetCurrentProcess+145 mov dword ptr, eax+148 lea eax, dword ptr +154 push eax+155 call dword ptr GetVersionExA+161 cmp dword ptr, 01h+1F4C9h". Which is directly followed by "cmp dword ptr, 01h" and "jne 0040F4C9h".

Source: Hybrid Analysis Technology
Relevance: 8/10

Contains ability to reboot/shutdown the operating system

Found API call (Target: "" Stream UID: "16871-5197-0040F410")

from FWUpdLcl.exe (PID: 2904)