Behaviors
List of software behaviors discovered with static code analysis.
Uses a Python script interpreter. (x2)
execution
Decrypts data using the Windows Cryptography API. (x1)
packer
Opens a TCP connection to a remote server. (x1)
network
Opens a UDP connection to a remote server. (x2)
network
Converts binary data to its string representation, commonly used in obfuscation. (x5)
packer
Issues DNS queries. (x1)
network
Detects/enumerates running processes. (x1)
monitor
Terminates a process/thread. (x2)
execution
Detects presence of debuggers. (x2)
evasion
Contains reference to kernel32.dll which is Windows NT BASE API Client DLL. (x1)
execution