aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2026-01-10 17:54:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

finishing dynamic

Browse Source
This commit is contained in:
Amanda Rousseau
2017-03-26 23:34:06 -07:00
parent 2958479073
commit 7bef491864
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dynamic2.md
View File

@@ -67,6 +67,7 @@ RegQueryValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dope
### Behavior & Control Flow
Processes Created dope.exe
1) Starts by decoding xor strings
2) Checks to see if dope.exe already exists in %APPDATA%