Malware Analysis System Evasion
Possible date expiration check, exits too soon after checking local time Show sources
| api_process_name | 198808e07a5ff1f81792f5d8ad348117d57331ee.exe, PID 2460 |
Network activity detected but not expressed in API logs
Hooking and other Techniques for Hiding Protection
Creates RWX memory Show sources
| injection_rwx_memory | 0x00000040, NtAllocateVirtualMemory or VirtualProtectEx |