Behaviors
List of software behaviors discovered with static code analysis.
Deletes files in Windows system directories. (x1)
file
Uses a Python script interpreter. (x1)
execution
Detects VMWare related virtualized environments. (x2)
evasion
Decrypts data using the Windows Cryptography API. (x1)
packer
Encrypts or encodes files and other data using the Windows Cryptography API. (x2)
file
Detects presence of debuggers. (x3)
evasion
Encrypts or encodes data in memory using the Windows Cryptography API. (x2)
file
Writes to files in Windows system directories. (x1)
file
Contains a reference to an environment variable that holds an Amazon Web Services (AWS) secret access key. (x1)
settings
Contains a reference to an environment variable that holds an Amazon Web Services (AWS) session token. (x1)
settings