Trojan.Alien.C
Analysis Report
General information
| Family Name: | Trojan.Alien.C |
|---|---|
| Signature status: | Root Not Trusted |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File is 64-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.
| Name | Value |
|---|---|
| Company Name | SimpleHelp Ltd |
| File Description | |
| File Version | |
| Legal Copyright | |
| Original Filename | |
| Product Name | |
| Product Version | |
Digital Signatures
This section lists digital signatures that are attached to samples within this family. When analyzing and verifying digital signatures, it is important to confirm that the signature’s root authority is a well-known and trustworthy entity and that the status of the signature is good. Malware is often signed with non-trustworthy “Self Signed” digital signatures (which can be easily created by a malware author with no verification). Malware may also be signed by legitimate signatures that have an invalid status, and by signatures from questionable root authorities with fake or misleading “Signer” names.
| Signer | Root | Status |
|---|---|---|
| SimpleHelp Ltd | DigiCert Trusted Root G4 | Root Not Trusted |
| SimpleHelp Ltd | DigiCert Trusted Root G4 | Root Not Trusted |
| SimpleHelp Ltd | SimpleHelp Ltd | Self Signed |
File Traits
- big overlay
- x64
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.
| Total Blocks: | 1,311 |
|---|---|
| Potentially Malicious Blocks: | 390 |
| Whitelisted Blocks: | 921 |
| Unknown Blocks: | 0 |
Visual Map
[Block map graphic: one cell per block, marked with the legend below.]
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.
- Alien.C
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.
| File | Attributes |
|---|---|
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-09-26-00-04-29-913.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-10-07-21-52-28-752.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-10-25-16-10-44-878.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-10-30-13-16-42-737.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-11-13-06-40-44-110.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-12-06-23-40-48-689.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-12-11-14-30-06-183.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-12-12-05-15-55-420.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-12-17-03-45-14-733.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2025-12-18-00-05-48-176.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-01-07-19-36-56-794.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-01-20-11-18-00-083.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-01-29-21-10-56-439.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-02-02-16-16-58-226.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-02-21-04-45-49-772.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-02-25-12-35-46-612.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-03-10-07-07-30-636.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-03-11-05-18-24-897.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-03-22-11-12-38-876.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-06-22-49-33-693.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-09-08-58-48-626.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-11-06-14-49-288.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-11-14-35-25-284.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-14-10-13-05-860.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-14-10-17-06-505.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-14-13-13-29-693.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-18-12-17-05-935.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-18-20-37-05-944.log | Generic Write,Read Attributes |
| c:\programdata\jwrapper-remote access\logs\wrapper-2026-04-20-07-45-38-296.log | Generic Write,Read Attributes |
| c:\users\user\appdata\roaming\jwrapper-remote support\logs\wrapper-2026-02-20-07-07-45-441.log | Generic Write,Read Attributes |
| c:\users\user\appdata\roaming\jwrapper-remote support\logs\wrapper-2026-03-23-06-19-53-443.log | Generic Write,Read Attributes |
| c:\users\user\appdata\roaming\jwrapper-simplehelp technician\logs\wrapper-2025-09-26-18-50-26-292.log | Generic Write,Read Attributes |
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.
| Category | API |
|---|---|
| Syscall Use | |