PUP.Brute.BBT

Analysis Report

General information

Family Name: PUP.Brute.BBT
Packers: UPX
Signature status: No Signature

Known Samples

MD5: 141a03e8764382059c1ddc0785fdde91
SHA1: 4c708e5e393d51ac9dcd5dd628241c49d6d6a628
SHA256: A4C64EACF0B1DFE0B0610EACBAB8A30CE650979A69EC17A370A13AAF9416620C
File Size: 1.79 MB, 1791629 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has been packed
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Company Name ESTsoft Corp.
File Description ALZip Self Extractor
File Version 19, 10, 1, 1
Internal Name EGGSFX
Legal Copyright Copyright (c) 1999 - present ESTsoft Corp. All right reserved.
Original Filename EGGSFX.sfx
Product Name ALZip
Product Version 19, 10, 1, 1

File Traits

  • big overlay
  • HighEntropy
  • packed
  • x86

Block Information

Total Blocks: 1,999
Potentially Malicious Blocks: 781
Whitelisted Blocks: 1,218
Unknown Blocks: 0

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.MC
  • Brute.BBT
  • Pakes.B

Files Modified

File Attributes
c:\samsung\win11arm\arm64\sadrvor.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\sadrvor.dll Synchronize,Write Attributes
c:\samsung\win11arm\arm64\sadrvpj.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\sadrvpj.dll Synchronize,Write Attributes
c:\samsung\win11arm\arm64\sadrvsc.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\sadrvsc.dll Synchronize,Write Attributes
c:\samsung\win11arm\arm64\sadrvzd.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\sadrvzd.dll Synchronize,Write Attributes
c:\samsung\win11arm\arm64\smpclrc2.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\smpclrc2.dll Synchronize,Write Attributes
c:\samsung\win11arm\arm64\smxpsff1.dll Generic Write,Read Attributes
c:\samsung\win11arm\arm64\smxpsff1.dll Synchronize,Write Attributes
c:\samsung\win11arm\colora3pcl.bat Generic Write,Read Attributes
c:\samsung\win11arm\colora3pcl.bat Synchronize,Write Attributes
c:\samsung\win11arm\colora3pcl_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\colora3pcl_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\colorpcl6.bat Generic Write,Read Attributes
c:\samsung\win11arm\colorpcl6.bat Synchronize,Write Attributes
c:\samsung\win11arm\colorpcl6_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\colorpcl6_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\colorspl.bat Generic Write,Read Attributes
c:\samsung\win11arm\colorspl.bat Synchronize,Write Attributes
c:\samsung\win11arm\colorspl_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\colorspl_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\monoa3pcl.bat Generic Write,Read Attributes
c:\samsung\win11arm\monoa3pcl.bat Synchronize,Write Attributes
c:\samsung\win11arm\monoa3pcl_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\monoa3pcl_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\monopcl6.bat Generic Write,Read Attributes
c:\samsung\win11arm\monopcl6.bat Synchronize,Write Attributes
c:\samsung\win11arm\monopcl6_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\monopcl6_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\monospl.bat Generic Write,Read Attributes
c:\samsung\win11arm\monospl.bat Synchronize,Write Attributes
c:\samsung\win11arm\monospl_en.bat Generic Write,Read Attributes
c:\samsung\win11arm\monospl_en.bat Synchronize,Write Attributes
c:\samsung\win11arm\prnsacl1.cat Generic Write,Read Attributes
c:\samsung\win11arm\prnsacl1.cat Synchronize,Write Attributes
c:\samsung\win11arm\prnsacl1.inf Generic Write,Read Attributes
c:\samsung\win11arm\prnsacl1.inf Synchronize,Write Attributes
c:\samsung\win11arm\saacevents.xml Generic Write,Read Attributes
c:\samsung\win11arm\saacevents.xml Synchronize,Write Attributes
c:\samsung\win11arm\saacps.gdl Generic Write,Read Attributes
c:\samsung\win11arm\saacps.gdl Synchronize,Write Attributes
c:\samsung\win11arm\saacps.xml Generic Write,Read Attributes
c:\samsung\win11arm\saacps.xml Synchronize,Write Attributes
c:\samsung\win11arm\saactcpip.xml Generic Write,Read Attributes
c:\samsung\win11arm\saactcpip.xml Synchronize,Write Attributes
c:\samsung\win11arm\saacuni.gdl Generic Write,Read Attributes
c:\samsung\win11arm\saacuni.gdl Synchronize,Write Attributes
c:\samsung\win11arm\saacusb.js Generic Write,Read Attributes
c:\samsung\win11arm\saacusb.js Synchronize,Write Attributes
c:\samsung\win11arm\saacusb.xml Generic Write,Read Attributes
c:\samsung\win11arm\saacusb.xml Synchronize,Write Attributes
c:\samsung\win11arm\saacwsd.xml Generic Write,Read Attributes
c:\samsung\win11arm\saacwsd.xml Synchronize,Write Attributes
c:\samsung\win11arm\sabp6-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sabp6-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sabp6-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sabp6-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sabp6.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sabp6.gpd Synchronize,Write Attributes
c:\samsung\win11arm\sabp6b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sabp6b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sabps-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sabps-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sabps-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sabps-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sabps.ppd Generic Write,Read Attributes
c:\samsung\win11arm\sabps.ppd Synchronize,Write Attributes
c:\samsung\win11arm\sabxp-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sabxp-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sabxp-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sabxp-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sabxp.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sabxp.gpd Synchronize,Write Attributes
c:\samsung\win11arm\sacp6-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacp6-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacp6-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sacp6-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sacp6.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sacp6.gpd Synchronize,Write Attributes
c:\samsung\win11arm\sacp6b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacp6b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacps-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacps-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacps-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sacps-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sacps.ppd Generic Write,Read Attributes
c:\samsung\win11arm\sacps.ppd Synchronize,Write Attributes
c:\samsung\win11arm\sacrd1.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sacrd1.gpd Synchronize,Write Attributes
c:\samsung\win11arm\sacrd2.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sacrd2.gpd Synchronize,Write Attributes
c:\samsung\win11arm\sacv2a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacv2a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacv2a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\sacv2a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sacv2b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacv2b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacv2b-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\sacv2b-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sacv5a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacv5a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacv5a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\sacv5a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sacv5b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacv5b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacv5b-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\sacv5b-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sacv5c-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacv5c-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacv5c-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\sacv5c-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sacxp-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\sacxp-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\sacxp-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sacxp-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\sacxp.gpd Generic Write,Read Attributes
c:\samsung\win11arm\sacxp.gpd Synchronize,Write Attributes
c:\samsung\win11arm\samrd1.gpd Generic Write,Read Attributes
c:\samsung\win11arm\samrd1.gpd Synchronize,Write Attributes
c:\samsung\win11arm\samrd2.gpd Generic Write,Read Attributes
c:\samsung\win11arm\samrd2.gpd Synchronize,Write Attributes
c:\samsung\win11arm\samv1a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv1a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv1a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv1a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv2a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv2a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv2a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv2a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv2b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv2b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv2b-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv2b-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3b-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3b-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3c-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3c-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3c-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3c-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3d-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3d-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3d-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3d-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3e-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3e-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3e-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3e-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3f-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3f-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3f-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3f-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3g-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3g-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3g-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3g-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3h-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3h-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3h-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3h-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv3i-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv3i-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv3i-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv3i-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv5a-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv5a-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv5a-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv5a-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\samv5b-manifest.ini Generic Write,Read Attributes
c:\samsung\win11arm\samv5b-manifest.ini Synchronize,Write Attributes
c:\samsung\win11arm\samv5b-propertybag.bag Generic Write,Read Attributes
c:\samsung\win11arm\samv5b-propertybag.bag Synchronize,Write Attributes
c:\samsung\win11arm\sasp-pipelineconfig.xml Generic Write,Read Attributes
c:\samsung\win11arm\sasp-pipelineconfig.xml Synchronize,Write Attributes
c:\samsung\win11arm\smpclrc2.gpd Generic Write,Read Attributes
c:\samsung\win11arm\smpclrc2.gpd Synchronize,Write Attributes
c:\users\user\appdata\local\microsoft\windows\usrclass.dat{dba6b5ef-640a-11ed-9bcb-f677369d361c}.txr.1.regtrans-ms Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\microsoft\windows\usrclass.dat{dba6b5ef-640a-11ed-9bcb-f677369d361c}.txr.2.regtrans-ms Generic Read,Write Data,Write Attributes,Write extended,Append data

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ᇪǜ RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
User Data Access
  • GetUserObjectInformation
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • ShellExecuteEx
  • WriteConsole
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAddAtomEx
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFindAtom
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenMutant
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForMultipleObjects
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • UNKNOWN

Shell Command Execution

(NULL) C:\Samsung\Win11ARM\colorPCL6.bat
WriteConsole: Windows11 ARM 64
WriteConsole: 312e20e29482e295abe2959ec2abe294
WriteConsole: 322e20555342e29596e295ac20e29490
WriteConsole: 332e20e29482c2ace29691c3ade29692
WriteConsole: e2959fe294b4e29595e29691e294bce2
