![]() Name RT_STRING RVA 0x28a50 Size 0x1a8 Type data Language English Name RT_STRING RVA 0x28418 Size 0圆32 Type data Language English Name RT_DIALOG RVA 0x18b80 Size 0圆2 Type data Language English Name RT_DIALOG RVA 0x18be8 Size 0xb2 Type data Language English Name RT_DIALOG RVA 0x18540 Size 0xe2 Type data Language English Name RT_DIALOG RVA 0x18628 Size 0x272 Type data Language English Name RT_DIALOG RVA 0x189f8 Size 0xae Type data Language English Name RT_DIALOG RVA 0x18aa8 Size 0xd6 Type data Language English Name RT_DIALOG RVA 0x18938 Size 0xbe Type data Language English Name RT_DIALOG RVA 0x188a0 Size 0x92 Type data Language English Name RT_DIALOG RVA 0x28278 Size 0x19a Type data Language English Name RT_ICON RVA 0x19618 Size 0x8a8 Type data Language English Name RT_ICON RVA 0x19330 Size 0x2e8 Type data Language English Name RT_ICON RVA 0x18dc8 Size 0x568 Type GLS_BINARY_LSB_FIRST Language English Name RT_ICON RVA 0x18ca0 Size 0x128 Type GLS_BINARY_LSB_FIRST Language English Name RT_BITMAP RVA 0x272b8 Size 0xfc0 Type data Language English Name RT_BITMAP RVA 0x1a568 Size 0xcd50 Type data Language English Possibly tries to detect the presence of a debugger Source Hybrid Analysis Technology relevance 10/10 from IKernel.exe (PID: 3236) ( Show Stream) Which is directly followed by "cmp esi, FFFFFFFFh" and "jne 00449D27h". Which is directly followed by "cmp dword ptr, 01h" and "jne 0044295Ah". Which is directly followed by "cmp eax, ebx" and "jne 004058A8h". "npores32.dll" claims program is from Tue Sep 21 20:34:34 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:45 1999 "npores32.dll" claims program is from Tue Sep 21 20:08:48 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:07 1999 "npores32.dll" claims program is from Tue Sep 21 20:35:08 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:39 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:29 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:51 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:12 1999 "npores32.dll" claims program is from Tue Sep 21 20:35:18 1999 "npores32.dll" claims program is from Tue Sep 21 20:35:02 1999 "npores32.dll" claims program is from Tue Sep 21 20:34:18 1999 ![]() "npores32.dll" claims program is from Tue Sep 21 20:34:57 1999 "npores32.dll" claims program is from Tue Sep 21 20:35:13 1999 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |