Pattern match: "Heuristic match: "nT|#W `rl.dPQ2QCh=j Y&ZcALLUSERSARPPRODUCTICON.exeARPPRODUCTICONThe wizard was interrupted before could be completely installed.ARPURLINFOABOUT30DWUSINTERVALCEDCA02FA9FB905FAEACF7FFDE8C978FCE0C978FFE0BF0FFCE9C878F6E2C87F89EBCA7EFC9ACDWUSLINKExpressDefaultDefaultUIFontInstallShield for Windows InstallerDialogCaption1234-5678DiskSerialMinimalDisplayNameCustomCosting COM+ application: DisplayNameMinimalAlways InstallDisplayNameTypicalSetupErrorErrorDialog200INSTALLLEVELISVROOT_PORT_NOInstalling COM+ application: IS_COMPLUS_PROGRESSTEXT_COSTUninstalling COM+ application: IS_COMPLUS_PROGRESSTEXT_INSTALLA newer version of this application is already installed on this computer. Pattern match: " Pattern match: "\hich\af1\dbch\af13\loch\f1" Sample was identified as clean by Antivirus engines
Source Hybrid Analysis Technology relevance 10/10 Which is directly followed by "cmp dword ptr, 05h" and "jne 00428107h". Which is directly followed by "cmp word ptr, 0001h" and "jnc 00424A10h". Which is directly followed by "cmp ecx, eax" and "ret ".
Source Hybrid Analysis Technology relevance 1/10Ĭontains ability to query the system localeįound API call (Target: "lenovo_smart_assistant_v2.0.0_201607.exe" Stream UID: "00034654-00003356-27661-1143-0045BBC4")
0 kommentar(er)
