![]() ![]() The input sample is signed with a certificate issued by "CN=DigiCert Assured ID Root CA, OU=O=DigiCert Inc, C=US" (SHA1: 92:C1:58:8E:85:AF:22:01:CE:79:15:E8:53:8B:49:2F:60:5B:80:C6 see report for more information) Process "DUC40.exe" ( Show Process) was launched with modified environment variables: "TMP, PROCESSOR_ARCHITECTURE, USERNAME, TEMP" Process "DUC40.exe" ( Show Process) was launched with new environment variables: "ALLUSERSPROFILE="%ALLUSERSPROFILE%\, ProgramData="C:\ProgramData", HOMEPATH="\Users\TmU4bCc", PUBLIC="C:\Users\%USERNAME%\\HAPUBWS-PC", LOCALAPPDATA="C:\Users\%USERNAME%\AppData\Local", USERDOMAIN="WLx3x0oLN8", COMPUTERNAME="WLx3x0oLN8", USERPROFILE="C:\Users\%USERNAME%\Program Files (x86)", PROCESSOR_ARCHITEW6432="AMD64", CommonProgramFiles="C:\Program Files (x86)\Common Files", ProgramW6432="C:\Program Files", ProgramFiles="C:\Program Files (x86)", HOMEDRIVE="C:", CommonProgramW6432="C:\Program Files\Common Files", CommonProgramFiles(x86)="C:\Program Files (x86)\Common Files", APPDATA="C:\Users\%USERNAME%\AppData\Roaming"" Process "conhost.exe" ( Show Process) was launched with missing environment variables: "ALLUSERSPROFILE, ProgramData, HOMEPATH, PUBLIC, PROMPT, LOGONSERVER, LOCALAPPDATA, USERDOMAIN, COMPUTERNAME, USERPROFILE, ProgramFiles(x86), PROCESSOR_ARCHITEW6432, CommonProgramFiles, ProgramW6432, ProgramFiles, HOMEDRIVE, CommonProgramW6432, CommonProgramFiles(x86), APPDATA" Process "conhost.exe" ( Show Process) was launched with modified environment variables: "TMP, PROCESSOR_ARCHITECTURE, USERNAME, TEMP" Queries volume information of an entire harddrive
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |