
String found in binary or memory: equals (Youtube)
DNS traffic detected: queries for: purplespace.nyc3.
String found in binary or memory: V8.MemoryExternalFragmentationTotalV8.MemoryHeapSampleTotalCommittedV8.
JA3 fingerprint: bc6c386f480ee97b9d9e52d472b772d8
Found strings which match to known social media urls
JA3 SSL client fingerprint seen in connection with other malware
0.26.exe
Code function: 0_2_004059CC GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,
Code function: 0_2_004065FD FindFirstFileW,FindClose,
Code function: 0_2_00402868 FindFirstFileW,
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules\font-list\libs
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules\font-list
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\resources\app.asar.unpacked\node_modules
File opened: C:\Users\user\AppData\Local\Programs\prompt-dog\locales

Source: C:\Users\user\Desktop\PromptDog Setup 4.
Standard Non-Application Layer Protocol 1
Contains functionality to enumerate / list files inside a directory
Remotely Track Device Without Authorization
Report size getting too big, too many NtQueryVolumeInformationFile calls found.
Eavesdrop on Insecure Network Communication.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size exceeded maximum capacity and may have missing network information.
Report size exceeded maximum capacity and may have missing behavior information.
Excluded domains from analysis (whitelisted):, .net,, ,, ,.
Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe, CompatTelRunner.exe, svchost.exe.
