"hi_h264dec_w.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" "HiDvrNet.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "lib_VoiceEngine_dll.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "AudioPlayer.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "HiDvrMedia.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "Local\Feeds Store Mutex S-1-5-21-4162757579-3804539371-4239455898-1000"Īntivirus vendors marked dropped file "HiDvrMedia.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "AudioPlayer.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "HiDvrNet.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "hi_h264dec_w.dll" as clean (type is "PE32 executable (DLL) (console) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "HiDvrOcx.inf" as clean (type is "Windows setup INFormation ASCII text with CRLF line terminators"), Antivirus vendors marked dropped file "FileUpdate.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "AmrDll.dll" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows"), Antivirus vendors marked dropped file "HiDvrOcx.ocx" as clean (type is "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows") "\Sessions\1\BaseNamedObjects\Local\Feed Arbitration Shared Memory Mutex " "\Sessions\1\BaseNamedObjects\Local\RSS Eventing Connection Database Mutex 00000a48" "\Sessions\1\BaseNamedObjects\Local\c:!users!%OSUSER%!appdata!roaming!microsoft!windows!ietldcache!" "\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex" "\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
#DVROCX WINDOWS 10 KEYGEN#
"\Sessions\1\BaseNamedObjects\ConnHashTable_HashTable_Mutex" "\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex" "\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex" "\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex" "\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex" Installs hooks/patches the running processįile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\HiDvrMedia.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\AudioPlayer.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\lib_VoiceEngine_dll.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\HiDvrNet.dll"įile type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\hi_h264dec_w.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\FileUpdate.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\AmrDll.dll"įile type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" was dropped at "%WINDIR%\System32\HiDvrOcx.ocx"
Windows processes often leverage application programming interface (API) functions to perform tasks that require reusable system resources. Adversaries may execute a binary, command, or script via a method that interacts with Windows services, such as the Service Control Manager.
0 kommentar(er)
