Ronen Tzur (later acquired by Invincea, then Sophos).
May attempt to create a registry key under HKCU\Software\Microsoft\Windows\CurrentVersion\Run to ensure it starts with the system.
Downloaded from "warez" or "crack" forums as a compressed .zip or .rar archive. Indicators of Compromise (IOCs):
Sandboxie-4-14-full-patch «100% Newest»
Ronen Tzur (later acquired by Invincea, then Sophos).
May attempt to create a registry key under HKCU\Software\Microsoft\Windows\CurrentVersion\Run to ensure it starts with the system. sandboxie-4-14-full-patch
Downloaded from "warez" or "crack" forums as a compressed .zip or .rar archive. Indicators of Compromise (IOCs): Ronen Tzur (later acquired by Invincea, then Sophos)