Possibly tries to implement anti-virtualization techniques
Tries to identify its external IP address
Queries the internet cache settings (often used to hide footprints in index.dat or internet cache)
Queries the display settings of system associated file extensions
Queries firmware table information (may be used to fingerprint/evade)
Scans for artifacts that may help identify the target
Reads terminal service related keys (often RDP related)