SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Adwind.J1
Malformed.doc_77 is an Exploit. An Exploit is a piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behaviour to occur on computer software. Attackers usually use an exploit to deliver a payload on the victims system.

Mutexes created
  • Nothing to report


Directory level activity
    • Nothing to report


    File level activity
      • Nothing to report


      Registry level activity
        • Nothing to report


        Library level activity
        • load - library - KERNEL32.DLL
        • load - library - ADVAPI32.dll
        • load - library - KERNEL32.DLL


        Process API calls used
        • CreateProcessInternalW


        Registry API calls used
        • RegOpenKeyExW
        • RegQueryValueExW
        • RegCloseKey
        • NtOpenKey
        • NtQueryValueKey
        • NtQueryValueKey


        System API calls used
        • LdrGetDllHandle
        • LdrGetProcedureAddress
        • LdrLoadDll
        • LdrGetProcedureAddress


        Filesystem API calls used
        • FindFirstFileExW
        • FindFirstFileExW

        Network

        UDP source >> destination
        • 192.168.30.1 >> 192.168.30.255
        • 192.168.30.254 >> 192.168.30.1


        TCP source >> destination
        • 192.168.30.1 >> 192.168.30.254



        Domains:
        • NA

        DNS Request:
        • NA

        HTTP Request:
        • NA

        DLL related data
        Number of DLL's imported = 0
        • Nothing to report

        Relevant Information


        © SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0