Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\Common Files\FireDaemon Pro |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\Common Files\FireDaemon Pro\ServiceDefinitions |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\FireDaemonUI.exe |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\FireDaemon.exe |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Core.dll |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\VisualLayer.dll |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\add-service-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\add-service.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\additional-menu-horizontal-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\additional-menu-horizontal.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\branding.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-service-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-service.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\done-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\done.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\edit-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\edit-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\erase-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\erase.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\hamburger-menu-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\hamburger-menu.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\logo.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services-selected.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\open-log-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\open-log.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-grey-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-grey.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\refresh-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\refresh.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-all-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-all.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-blue-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-blue.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-grey-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-grey.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\save-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\save-log-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\save-log.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\save.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\scheduling-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\scheduling-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\show-log-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\show-log.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-down-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-down.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-left-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-left.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-up-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-up.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\splash-screen.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-all-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-all.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-green-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-green.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\start-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-all-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-all.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-quick-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-quick.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-red-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-red.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\support-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\support.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\switch-session0-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\switch-session0.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo-selected.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices-hover.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices-selected.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices.emf |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Skin\skin.xml |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\FireDaemonCLI.exe |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\license.txt |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\version.txt |
Source: C:\Windows\System32\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\Core-0ccfb35b.dll |
Source: C:\Windows\SysWOW64\msiexec.exe |
Directory created: C:\Program Files\FireDaemon Pro\regid.2000-01.com.firedaemon_29758F0E-2FC0-46EF-A3D7-0CECCDC6FB35.swidtag |
Source: C:\Program Files\FireDaemon Pro\FireDaemonCLI.exe |
Directory created: C:\Program Files\FireDaemon Pro\Core-0ccfb35b.dll:{4498064F-515A180A-A7D546EE-2EB1D8EE} |
Source: C:\Program Files\FireDaemon Pro\FireDaemonUI.exe |
Directory created: C:\Program Files\FireDaemon Pro\Core-0ccfb35b.dll:{4498064F-515A180A-A7D546EE-2EB1D8EE} |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\FireDaemonCLI.pdb source: FireDaemonCLI.exe, 0000000F.00000000.2314751372.00007FF7ED2A8000.00000002.00000001.01000000.0000000C.sdmp, FireDaemonCLI.exe, 0000000F.00000002.2376444407.00007FF7ED2A8000.00000002.00000001.01000000.0000000C.sdmp |
Source: |
Binary string: wininet.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2038575791.0000000009C56000.00000004.00000020.00020000.00000000.sdmp, FireDaemon-Pro-x64-5.4.10.exe, 00000006.00000003.2210182830.000000000777A000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\tempFiles.pdb- source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\XmlCfg.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\ExternalUICleaner.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp, ExternalUICleaner.dll.0.dr |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\ExternalUICleaner.pdb7 source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp, ExternalUICleaner.dll.0.dr |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x64\viewer.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp, MSI4A8B.tmp, 00000009.00000000.2297198192.00007FF7B9AF2000.00000002.00000001.01000000.0000000B.sdmp, MSI4A8B.tmp, 00000009.00000002.2311397548.00007FF7B9AF2000.00000002.00000001.01000000.0000000B.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\VisualLayer.pdb::8GCTL source: FireDaemonUI.exe, 00000013.00000002.3278082816.00007FF8B8CCD000.00000002.00000001.01000000.00000010.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x64\viewer.pdbA source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp, MSI4A8B.tmp, 00000009.00000000.2297198192.00007FF7B9AF2000.00000002.00000001.01000000.0000000B.sdmp, MSI4A8B.tmp, 00000009.00000002.2311397548.00007FF7B9AF2000.00000002.00000001.01000000.0000000B.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\wicustomactions.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\Core.pdb source: FireDaemonCLI.exe, 0000000F.00000002.2377347366.00007FF8A7AFB000.00000002.00000001.01000000.0000000D.sdmp, FireDaemonUI.exe, 00000012.00000002.2450039135.00007FF8A7AFB000.00000002.00000001.01000000.0000000D.sdmp, FireDaemonUI.exe, 00000013.00000002.3277133863.00007FF8A7AFB000.00000002.00000001.01000000.0000000D.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\Prereq.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: wininet.pdbUGP source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2038575791.0000000009C56000.00000004.00000020.00020000.00000000.sdmp, FireDaemon-Pro-x64-5.4.10.exe, 00000006.00000003.2210182830.000000000777A000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\VisualLayer.pdb source: FireDaemonUI.exe, 00000013.00000002.3278082816.00007FF8B8CCD000.00000002.00000001.01000000.00000010.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\XmlCfg.pdbg source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\lzmaextractor.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\FireDaemonUI.pdb source: FireDaemonUI.exe, 00000012.00000000.2437318973.00007FF79E3F2000.00000002.00000001.01000000.0000000F.sdmp, FireDaemonUI.exe, 00000012.00000002.2445808824.00007FF79E3F2000.00000002.00000001.01000000.0000000F.sdmp, FireDaemonUI.exe, 00000013.00000000.2441671152.00007FF79E3F2000.00000002.00000001.01000000.0000000F.sdmp, FireDaemonUI.exe, 00000013.00000002.3274630585.00007FF79E3F2000.00000002.00000001.01000000.0000000F.sdmp, FireDaemonUI.exe.0.dr |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\AICustAct.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\ReleaseAI\win\Release\stubs\x86\ExternalUi.pdb source: FireDaemon-Pro-x64-5.4.10.exe |
Source: |
Binary string: C:\ReleaseAI\win\Release\custact\x86\tempFiles.pdb source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\projects\firedaemon\product-suite\FDPro\build-target\x64\Release\wicustomactions.pdbmm`GCTL source: FireDaemon-Pro-x64-5.4.10.exe, 00000000.00000003.2028862611.0000000009A40000.00000004.00001000.00020000.00000000.sdmp |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: z: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: x: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: v: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: t: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: r: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: p: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: n: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: l: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: j: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: h: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: f: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: b: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: y: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: w: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: u: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: s: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: q: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: o: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: m: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: k: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: i: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: g: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: e: |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
File opened: c: |
Source: C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe |
File opened: a: |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 172.64.149.23 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.18.38.233 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: global traffic |
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=fDoofKTR9ZkapHv&MD=aO1Z537k HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
Host: slscr.update.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /firedaemon-pro-version.txt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: FireDaemon Pro/5.4.10
Host: update.firedaemon.com |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
Range: bytes=0-2147483646
User-Agent: Microsoft BITS/7.8
Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /download-firedaemon-pro HTTP/1.1
Host: www.firedaemon.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /services/wix-thunderbolt/dist/originTrials.41d7301a.bundle.min.js HTTP/1.1
Host: static.parastorage.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.firedaemon.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /services/third-party/fonts/user-site-fonts/fonts/open-source/opensans-bold-webfont.woff HTTP/1.1
Host: static.parastorage.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
Origin: https://www.firedaemon.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://www.firedaemon.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /_api/v2/dynamicmodel HTTP/1.1
Host: www.firedaemon.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.firedaemon.com/download-firedaemon-pro
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ssr-caching=cache#desc=hit#varnish=hit_miss#dc#desc=fastly_42_g |