Mohit Bhatt
Mohit Bhatt
[FILETRACER] TIME:1641454692.405028 VCPU:0 CR3:0x877F2000 "\Device\HarddiskVolume2\Users\John\Downloads\malware-samples-master\malware-samples-master\Ransomware\Wannacry\Wannacry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.bin\wannacry.exe":NtQueryAttributesFile SessionID:1 PID:3296 PPID:1860 FileName:"\??\C:\Users\John\Downloads\malware-samples-master\malware-samples-master\Ransomware\Wannacry\Wannacry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.bin\taskdl.exe" FileHandle:0x0 ObjectAttributes:"OBJ_CASE_INSENSITIVE" SecurityDescriptor: **Please provide the description and unit of the feature "TIME" in filetracer plugin ?**
Dear Tamas K. Lengyel Sir, We are undergraduate students and working on a project on malware analysis. Following your blog, we have successfully setup drakvuf tool and it is giving...
Dear Tamas K. Lengyel Sir, From previous instructions by you, we have successfully generated some logs. In logs we found some extra features like - 1) Syscall Time 2) Sysret...
**Error:** ``` pc-03@pc03-HP-280-Pro-G6-Microtower-PC:~/drakvuf$ sudo ./src/drakvuf -r /root/windows7-sp1.json -d 8 -i 1620 --write-file /home/pc-03/Desktop/test/npp.exe E: 1690794354.237244 DRAKVUF v1.1-git20230705105744+875b959-1 Copyright (C) 2014-2023 Tamas K Lengyel Couldn't open guest file [INJECT] TIME:1690794358.770616 METHOD:WriteFile...