- "vboxservice.exe" (Indicator: "vboxservice")
- "vmwareuser.exe" (Indicator: "vmwareuser")
- "vmwaretray.exe" (Indicator: "vmwaretray")
- "VirtualBox Host-Only Ethernet Adapter" (Indicator: "virtualbox")
- "VMware Virtual Ethernet Adapter for VMnet1" (Indicator: "vmware")
- "VMware Virtual Ethernet Adapter for VMnet1" (Indicator: "vmnet")
- "VMware Virtual Ethernet Adapter for VMnet8" (Indicator: "vmware")
- "VMware Virtual Ethernet Adapter for VMnet8" (Indicator: "vmnet")
- "Microsoft Hyper-V Network Adapter" (Indicator: "hyper-v")
- "VMware Accelerated AMD PCNet Adapter" (Indicator: "vmware")

Possibly checks for the presence of an Antivirus engine

An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

Contains ability to query CPU information

Adversaries may target user email to collect sensitive information from a target.

Found a potential E-Mail address in binary/memory

Software packing is a method of compressing or encrypting an executable.

Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on the system.

Windows Management Instrumentation (WMI) is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components.