Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_004065C5 FindFirstFileW,FindClose, |
6_2_004065C5 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00405990 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose, |
6_2_00405990 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00402862 FindFirstFileW, |
6_2_00402862 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00402862 FindFirstFileW, |
8_2_00402862 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_004065C5 FindFirstFileW,FindClose, |
8_2_004065C5 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00405990 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose, |
8_2_00405990 |
Source: Inventory_list.img.exe, 00000008.00000002.95675212784.000000003885E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: Inventory_list.img.exe, 00000008.00000002.95675212784.000000003885E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: Inventory_list.img.exe, 00000006.00000002.91209728992.000000000040A000.00000004.00000001.01000000.00000003.sdmp, Inventory_list.img.exe, 00000006.00000000.90558447101.000000000040A000.00000008.00000001.01000000.00000003.sdmp, Inventory_list.img.exe, 00000008.00000000.91036716567.000000000040A000.00000008.00000001.01000000.00000003.sdmp |
String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: Inventory_list.img.exe, 00000008.00000002.95673327948.0000000036281000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: Inventory_list.img.exe, 00000008.00000002.95659936798.0000000005A27000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://studentzindagi.za.com/bxbPiwfERAZWdsgPWBtUv3.bin.v_ |
Source: Inventory_list.img.exe, 00000008.00000002.95659936798.0000000005A27000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://studentzindagi.za.com/bxbPiwfERAZWdsgPWBtUv3.binSv2 |
Source: Inventory_list.img.exe, 00000008.00000002.95673327948.0000000036281000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org |
Source: Inventory_list.img.exe, 00000008.00000002.95673327948.0000000036281000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org/ |
Source: Inventory_list.img.exe, 00000008.00000002.95673327948.0000000036281000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org/t |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00405425 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,FindCloseChangeNotification,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard, |
6_2_00405425 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00403373 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
6_2_00403373 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00403373 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
8_2_00403373 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00404C62 |
6_2_00404C62 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00406ADD |
6_2_00406ADD |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_004072B4 |
6_2_004072B4 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00404C62 |
8_2_00404C62 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00406ADD |
8_2_00406ADD |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_004072B4 |
8_2_004072B4 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00153900 |
8_2_00153900 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00158C10 |
8_2_00158C10 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_0015F430 |
8_2_0015F430 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00154518 |
8_2_00154518 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_0015BF50 |
8_2_0015BF50 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00153C48 |
8_2_00153C48 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_36061A30 |
8_2_36061A30 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_36067050 |
8_2_36067050 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_36067FB0 |
8_2_36067FB0 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_360634A0 |
8_2_360634A0 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_3606A1E8 |
8_2_3606A1E8 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00403373 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
6_2_00403373 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00403373 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
8_2_00403373 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: propsys.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: dwmapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: oleacc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: shfolder.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: riched20.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: usp10.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: msls31.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: textshaping.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wininet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: winnsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: urlmon.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: mscoree.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: amsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: rasapi32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: rasman.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: rtutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: secur32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: schannel.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: mskeyprotect.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ntasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ncrypt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: ncryptsslp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: vaultcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_10001B18 GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW, |
6_2_10001B18 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_004065C5 FindFirstFileW,FindClose, |
6_2_004065C5 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00405990 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose, |
6_2_00405990 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00402862 FindFirstFileW, |
6_2_00402862 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00402862 FindFirstFileW, |
8_2_00402862 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_004065C5 FindFirstFileW,FindClose, |
8_2_004065C5 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 8_2_00405990 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose, |
8_2_00405990 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_10001B18 GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW, |
6_2_10001B18 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Code function: 6_2_00403373 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
6_2_00403373 |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles |
Jump to behavior |
Source: C:\Users\user\Desktop\Inventory_list.img.exe |
Key opened: HKEY_CURRENT_USER\Software\IncrediMail\Identities |
Jump to behavior |