| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202BEE4 second address: 202BF29 instructions: 0x00000000 rdtsc 0x00000002 lea esp, dword ptr [esp] 0x00000005 dec edi 0x00000006 adc edi, esp 0x00000008 ror dx, cl 0x0000000b jmp 00007FC408FFC964h 0x0000000d clc 0x0000000e mov al, byte ptr [esp+05h] 0x00000012 lea edi, dword ptr [00000000h+ecx*4] 0x00000019 add esp, 08h 0x0000001c lea edx, dword ptr [00000000h+eax*4] 0x00000023 jmp 00007FC408FFC964h 0x00000025 lea edx, dword ptr [ecx+esi] 0x00000028 cmc 0x00000029 sub esp, 0Bh 0x0000002c bsr ax, sp 0x00000030 neg dl 0x00000032 jmp 00007FC408FFC9C7h 0x00000034 mov dword ptr [esp+01h], esi 0x00000038 dec ah 0x0000003a mov dh, bl 0x0000003c lea esp, dword ptr [esp+0Bh] 0x00000040 pop dx 0x00000042 lea edi, dword ptr [00000000h+esi*4] 0x00000049 jmp 00007FC408FFC9E7h 0x0000004b mov al, dh 0x0000004d sub al, 1Ah 0x0000004f pushfd 0x00000050 mov ax, word ptr [esp+07h] 0x00000055 mov dh, 0Fh 0x00000057 bswap eax 0x00000059 jmp 00007FC408FFC956h 0x0000005b add esp, 03h 0x0000005e mov di, dx 0x00000061 stc 0x00000062 mov word ptr [esp+02h], si 0x00000067 mov dword ptr [esp], ecx 0x0000006a xchg dword ptr [esp], edx 0x0000006d jmp 00007FC408FFC968h 0x0000006f clc 0x00000070 mov ax, 26AAh 0x00000074 push dword ptr [esp+02h] 0x00000078 mov word ptr [esp+06h], si 0x0000007d rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202BF29 second address: 202BF78 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC40850ADAAh 0x00000004 mov edi, dword ptr [esp+04h] 0x00000008 ror eax, cl 0x0000000a stc 0x0000000b xchg dl, ah 0x0000000d lea esp, dword ptr [esp+04h] 0x00000011 add esp, 05h 0x00000014 jmp 00007FC40850ADE0h 0x00000016 mov dl, byte ptr [esp] 0x00000019 btc di, dx 0x0000001d cld 0x0000001e sub esp, 0Dh 0x00000021 mov al, 0Ch 0x00000023 cmc 0x00000024 jmp 00007FC40850AD60h 0x00000026 mov word ptr [esp+06h], bx 0x0000002b mov ax, E973h 0x0000002f pop word ptr [esp+09h] 0x00000034 pop dword ptr [esp+02h] 0x00000038 xchg al, dl 0x0000003a mov eax, dword ptr [esp+07h] 0x0000003e jmp 00007FC40850AD62h 0x00000040 neg al 0x00000042 pop ax 0x00000044 mov edi, dword ptr [esp] 0x00000047 lea esp, dword ptr [esp+03h] 0x0000004b rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202BF78 second address: 202BF7A instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202BF7A second address: 202C273 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC40850ADDFh 0x00000004 xchg word ptr [esp], dx 0x00000008 bsf edx, esi 0x0000000b mov al, byte ptr [esp] 0x0000000e xchg word ptr [esp], di 0x00000012 not ax 0x00000015 mov ah, bl 0x00000017 jmp 00007FC40850AD67h 0x00000019 mov ah, F4h 0x0000001b mov dx, word ptr [esp+01h] 0x00000020 mov ax, 70EEh 0x00000024 lea eax, dword ptr [esi+ebp] 0x00000027 jmp 00007FC40850ADADh 0x00000029 sub ax, si 0x0000002c lea edx, dword ptr [esi+12A880F2h] 0x00000032 sub ax, bp 0x00000035 mov edx, dword ptr [esp] 0x00000038 bsr di, bx 0x0000003c lea esp, dword ptr [esp] 0x0000003f jmp 00007FC40850C5DEh 0x00000044 neg di 0x00000047 lea edi, dword ptr [edi+ebp] 0x0000004a bsr edi, esi 0x0000004d sub esp, 04h 0x00000050 mov di, cx 0x00000053 mov eax, dword ptr [esp+03h] 0x00000057 jmp 00007FC40850A3E5h 0x0000005c mov dword ptr [esp], edx 0x0000005f mov word ptr [esp+03h], ax 0x00000064 btr edi, ebx 0x00000067 lea edi, dword ptr [esp+000000C2h] 0x0000006e setno dl 0x00000071 mov di, word ptr [esp+05h] 0x00000076 jmp 00007FC40850A135h 0x0000007b mov al, dl 0x0000007d xchg edi, edx 0x0000007f mov edi, dword ptr [esp+05h] 0x00000083 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C17F second address: 202C233 instructions: 0x00000000 rdtsc 0x00000002 xchg dh, ah 0x00000004 mov word ptr [esp], di 0x00000008 rcr di, 0000h 0x0000000c jmp 00007FC408FFC9D8h 0x0000000e lea eax, dword ptr [00000000h+ebx*4] 0x00000015 push dword ptr [esp+0Dh] 0x00000019 cld 0x0000001a pop edx 0x0000001b jmp 00007FC408FFC9DFh 0x0000001d xchg byte ptr [esp+08h], dh 0x00000021 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C233 second address: 202C52F instructions: 0x00000000 rdtsc 0x00000002 cld 0x00000003 mov dx, di 0x00000006 clc 0x00000007 mov dword ptr [esp+03h], esp 0x0000000b jmp 00007FC40850AD57h 0x0000000d dec dx 0x0000000f cmc 0x00000010 lea edi, dword ptr [esp-4Eh] 0x00000014 pop eax 0x00000015 xor dl, FFFFFFDAh 0x00000018 mov edx, 0C2319A1h 0x0000001d jmp 00007FC40850ADBBh 0x0000001f add esp, 03h 0x00000022 inc di 0x00000024 cld 0x00000025 push dword ptr [esp+03h] 0x00000029 mov dword ptr [esp+02h], edi 0x0000002d call 00007FC40850AD59h 0x00000032 not edx 0x00000034 jmp 00007FC40850ADCAh 0x00000036 mov di, 5708h 0x0000003a mov dx, D50Dh 0x0000003e mov di, 218Dh 0x00000042 bsf ax, cx 0x00000046 pop edi 0x00000047 cld 0x00000048 jmp 00007FC40850B04Ch 0x0000004d neg dl 0x0000004f push word ptr [esp] 0x00000053 neg al 0x00000055 inc edi 0x00000056 push word ptr [esp+0Dh] 0x0000005b rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C52F second address: 202C2A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC408FFC724h 0x00000007 mov ah, E4h 0x00000009 pop dword ptr [esp+06h] 0x0000000d push word ptr [esp+09h] 0x00000012 neg ax 0x00000015 xchg word ptr [esp+02h], di 0x0000001a cmc 0x0000001b jmp 00007FC408FFC94Bh 0x0000001d xchg byte ptr [esp+02h], al 0x00000021 mov edi, esi 0x00000023 push word ptr [esp] 0x00000027 mov edi, 912CC6F7h 0x0000002c xchg edx, eax 0x0000002e rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C9E2 second address: 202C68A instructions: 0x00000000 rdtsc 0x00000002 mov dl, byte ptr [esp] 0x00000005 xchg dx, ax 0x00000008 bsr dx, di 0x0000000c mov eax, dword ptr [esp] 0x0000000f lea eax, dword ptr [edx+edi] 0x00000012 jmp 00007FC40850ACFBh 0x00000017 adc di, B7E0h 0x0000001c lea eax, dword ptr [esi+000024F4h] 0x00000022 lea edx, dword ptr [00000000h+ebx*4] 0x00000029 xchg byte ptr [esp], dl 0x0000002c bsf edx, eax 0x0000002f mov ax, dx 0x00000032 jmp 00007FC40850AA9Eh 0x00000037 pop di 0x00000039 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C68A second address: 202C622 instructions: 0x00000000 rdtsc 0x00000002 bsf dx, sp 0x00000006 neg dl 0x00000008 bswap eax 0x0000000a not edx 0x0000000c jmp 00007FC408FFC91Bh 0x0000000e std 0x0000000f rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C79E second address: 202C7E1 instructions: 0x00000000 rdtsc 0x00000002 cld 0x00000003 bts edx, eax 0x00000006 bswap eax 0x00000008 jmp 00007FC40850ADF0h 0x0000000a bsr ax, di 0x0000000e pushad 0x0000000f lea esp, dword ptr [esp+5Ch] 0x00000013 mov dh, 08h 0x00000015 mov edx, 0D1EF17Dh 0x0000001a mov ax, 5A05h 0x0000001e call 00007FC40850AD65h 0x00000023 jmp 00007FC40850AD7Ah 0x00000025 pop eax 0x00000026 setl ah 0x00000029 btc ax, bp 0x0000002d rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C7E1 second address: 202C839 instructions: 0x00000000 rdtsc 0x00000002 setb dl 0x00000005 call 00007FC408FFC9F8h 0x0000000a bt di, bp 0x0000000e jmp 00007FC408FFC973h 0x00000010 xchg word ptr [esp], ax 0x00000014 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 202C912 second address: 202CA62 instructions: 0x00000000 rdtsc 0x00000002 mov edi, esp 0x00000004 mov edx, edi 0x00000006 lea esp, dword ptr [esp] 0x00000009 cmc 0x0000000a call 00007FC40850ADB3h 0x0000000f jmp 00007FC40850ADE6h 0x00000011 mov dword ptr [esp], edi 0x00000014 push dword ptr [esp+02h] 0x00000018 mov edx, esp 0x0000001a shr dx, 000Bh 0x0000001e rcl dx, cl 0x00000021 sub esp, 0Dh 0x00000024 jmp 00007FC40850AD29h 0x00000026 mov ah, byte ptr [esp+04h] 0x0000002a not ah 0x0000002c mov edx, dword ptr [esp+10h] 0x00000030 call 00007FC40850ADC4h 0x00000035 bswap eax 0x00000037 mov byte ptr [esp+16h], ch 0x0000003b add ax, ax 0x0000003e jmp 00007FC40850ADC8h 0x00000040 mov dx, ax 0x00000043 xchg word ptr [esp+09h], di 0x00000048 xchg eax, edx 0x00000049 mov byte ptr [esp+0Bh], ch 0x0000004d lea edx, dword ptr [eax+ecx] 0x00000050 pop ax 0x00000052 jmp 00007FC40850AD68h 0x00000054 pushfd 0x00000055 lea edi, dword ptr [00000000h+esi*4] 0x0000005c neg di 0x0000005f jmp 00007FC40850AE35h 0x00000064 cmp edx, CF69AA57h 0x0000006a mov dh, 87h 0x0000006c rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1FA8D27 second address: 1FA8D5D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC408FFC970h 0x00000004 mov eax, edi 0x00000006 call 00007FC408FFC9CAh 0x0000000b xchg dx, ax 0x0000000e mov ax, si 0x00000011 xchg ecx, edx 0x00000013 pushad 0x00000014 xchg dword ptr [esp+20h], eax 0x00000018 jmp 00007FC408FFC969h 0x0000001a mov dx, 8EE9h 0x0000001e pushfd 0x0000001f mov dh, BBh 0x00000021 xchg dword ptr [esp], ecx 0x00000024 mov dx, 47ECh 0x00000028 lea eax, dword ptr [eax-00006640h] 0x0000002e call 00007FC408FFC9BBh 0x00000033 jmp 00007FC408FFC97Ah 0x00000035 mov byte ptr [esp], al 0x00000038 mov dh, ch 0x0000003a xchg dword ptr [esp+28h], eax 0x0000003e rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1F9DB2E second address: 1F9DB36 instructions: 0x00000000 rdtsc 0x00000002 call 00007FC40850AD96h 0x00000007 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1F9DB36 second address: 1F9DC67 instructions: 0x00000000 rdtsc 0x00000002 mov eax, dword ptr [esp+02h] 0x00000006 jmp 00007FC408FFC996h 0x00000008 sete cl 0x0000000b call 00007FC408FFCAA7h 0x00000010 btr edx, ebp 0x00000013 mov ah, byte ptr [esp] 0x00000016 mov esi, 87D39950h 0x0000001b rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1F9DC67 second address: 1F9DC3B instructions: 0x00000000 rdtsc 0x00000002 xchg bl, dh 0x00000004 jmp 00007FC40850AD34h 0x00000006 xchg dword ptr [esp], edi 0x00000009 bswap edx 0x0000000b btc ebx, ecx 0x0000000e xchg dh, dl 0x00000010 not ah 0x00000012 mov dh, byte ptr [esp] 0x00000015 jmp 00007FC40850AD03h 0x0000001a lea edi, dword ptr [edi+000001DCh] 0x00000020 sub esp, 01h 0x00000023 neg bl 0x00000025 mov dx, sp 0x00000028 mov dx, 2953h 0x0000002c lea esp, dword ptr [esp+01h] 0x00000030 jmp 00007FC40850AD63h 0x00000032 xchg dword ptr [esp], edi 0x00000035 xor ecx, 2D1A05F5h 0x0000003b mov ebp, dword ptr [esp] 0x0000003e mov dh, ah 0x00000040 mov bh, byte ptr [esp] 0x00000043 jmp 00007FC40850AD69h 0x00000045 push dword ptr [esp] 0x00000048 retn 0004h 0x0000004b add esp, 08h 0x0000004e jnl 00007FC40850AC26h 0x00000054 pop esi 0x00000055 mov dl, byte ptr [esp] 0x00000058 call 00007FC40850ADACh 0x0000005d xor eax, BFDCF547h 0x00000062 not edx 0x00000064 push dx 0x00000066 lea esp, dword ptr [esp+02h] 0x0000006a xchg dword ptr [esp], ecx 0x0000006d jmp 00007FC40850AD6Ah 0x0000006f cmc 0x00000070 cmc 0x00000071 call 00007FC40850ADB6h 0x00000076 push dword ptr [esp+03h] 0x0000007a mov bl, byte ptr [esp] 0x0000007d lea ecx, dword ptr [ecx-0000001Fh] 0x00000083 cmp ax, 0000244Fh 0x00000087 jmp 00007FC40850ADC7h 0x00000089 mov dl, bl 0x0000008b rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1F9EAA1 second address: 1F9EAA5 instructions: 0x00000000 rdtsc 0x00000002 xchg ebp, edx 0x00000004 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1FD853C second address: 1FD854D instructions: 0x00000000 rdtsc 0x00000002 call 00007FC40850AD96h 0x00000007 lea edx, dword ptr [eax+edi] 0x0000000a clc 0x0000000b mov eax, E4ABA4C0h 0x00000010 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1FD5AF7 second address: 1FD5AF9 instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
RDTSC instruction interceptor: First address: 1FE7F5A second address: 1FE7F5C instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202BEE4 second address: 202BF29 instructions: 0x00000000 rdtsc 0x00000002 lea esp, dword ptr [esp] 0x00000005 dec edi 0x00000006 adc edi, esp 0x00000008 ror dx, cl 0x0000000b jmp 00007FC408FFC964h 0x0000000d clc 0x0000000e mov al, byte ptr [esp+05h] 0x00000012 lea edi, dword ptr [00000000h+ecx*4] 0x00000019 add esp, 08h 0x0000001c lea edx, dword ptr [00000000h+eax*4] 0x00000023 jmp 00007FC408FFC964h 0x00000025 lea edx, dword ptr [ecx+esi] 0x00000028 cmc 0x00000029 sub esp, 0Bh 0x0000002c bsr ax, sp 0x00000030 neg dl 0x00000032 jmp 00007FC408FFC9C7h 0x00000034 mov dword ptr [esp+01h], esi 0x00000038 dec ah 0x0000003a mov dh, bl 0x0000003c lea esp, dword ptr [esp+0Bh] 0x00000040 pop dx 0x00000042 lea edi, dword ptr [00000000h+esi*4] 0x00000049 jmp 00007FC408FFC9E7h 0x0000004b mov al, dh 0x0000004d sub al, 1Ah 0x0000004f pushfd 0x00000050 mov ax, word ptr [esp+07h] 0x00000055 mov dh, 0Fh 0x00000057 bswap eax 0x00000059 jmp 00007FC408FFC956h 0x0000005b add esp, 03h 0x0000005e mov di, dx 0x00000061 stc 0x00000062 mov word ptr [esp+02h], si 0x00000067 mov dword ptr [esp], ecx 0x0000006a xchg dword ptr [esp], edx 0x0000006d jmp 00007FC408FFC968h 0x0000006f clc 0x00000070 mov ax, 26AAh 0x00000074 push dword ptr [esp+02h] 0x00000078 mov word ptr [esp+06h], si 0x0000007d rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202BF29 second address: 202BF78 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC40850ADAAh 0x00000004 mov edi, dword ptr [esp+04h] 0x00000008 ror eax, cl 0x0000000a stc 0x0000000b xchg dl, ah 0x0000000d lea esp, dword ptr [esp+04h] 0x00000011 add esp, 05h 0x00000014 jmp 00007FC40850ADE0h 0x00000016 mov dl, byte ptr [esp] 0x00000019 btc di, dx 0x0000001d cld 0x0000001e sub esp, 0Dh 0x00000021 mov al, 0Ch 0x00000023 cmc 0x00000024 jmp 00007FC40850AD60h 0x00000026 mov word ptr [esp+06h], bx 0x0000002b mov ax, E973h 0x0000002f pop word ptr [esp+09h] 0x00000034 pop dword ptr [esp+02h] 0x00000038 xchg al, dl 0x0000003a mov eax, dword ptr [esp+07h] 0x0000003e jmp 00007FC40850AD62h 0x00000040 neg al 0x00000042 pop ax 0x00000044 mov edi, dword ptr [esp] 0x00000047 lea esp, dword ptr [esp+03h] 0x0000004b rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202BF78 second address: 202BF7A instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202BF7A second address: 202C273 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC40850ADDFh 0x00000004 xchg word ptr [esp], dx 0x00000008 bsf edx, esi 0x0000000b mov al, byte ptr [esp] 0x0000000e xchg word ptr [esp], di 0x00000012 not ax 0x00000015 mov ah, bl 0x00000017 jmp 00007FC40850AD67h 0x00000019 mov ah, F4h 0x0000001b mov dx, word ptr [esp+01h] 0x00000020 mov ax, 70EEh 0x00000024 lea eax, dword ptr [esi+ebp] 0x00000027 jmp 00007FC40850ADADh 0x00000029 sub ax, si 0x0000002c lea edx, dword ptr [esi+12A880F2h] 0x00000032 sub ax, bp 0x00000035 mov edx, dword ptr [esp] 0x00000038 bsr di, bx 0x0000003c lea esp, dword ptr [esp] 0x0000003f jmp 00007FC40850C5DEh 0x00000044 neg di 0x00000047 lea edi, dword ptr [edi+ebp] 0x0000004a bsr edi, esi 0x0000004d sub esp, 04h 0x00000050 mov di, cx 0x00000053 mov eax, dword ptr [esp+03h] 0x00000057 jmp 00007FC40850A3E5h 0x0000005c mov dword ptr [esp], edx 0x0000005f mov word ptr [esp+03h], ax 0x00000064 btr edi, ebx 0x00000067 lea edi, dword ptr [esp+000000C2h] 0x0000006e setno dl 0x00000071 mov di, word ptr [esp+05h] 0x00000076 jmp 00007FC40850A135h 0x0000007b mov al, dl 0x0000007d xchg edi, edx 0x0000007f mov edi, dword ptr [esp+05h] 0x00000083 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C17F second address: 202C233 instructions: 0x00000000 rdtsc 0x00000002 xchg dh, ah 0x00000004 mov word ptr [esp], di 0x00000008 rcr di, 0000h 0x0000000c jmp 00007FC408FFC9D8h 0x0000000e lea eax, dword ptr [00000000h+ebx*4] 0x00000015 push dword ptr [esp+0Dh] 0x00000019 cld 0x0000001a pop edx 0x0000001b jmp 00007FC408FFC9DFh 0x0000001d xchg byte ptr [esp+08h], dh 0x00000021 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C233 second address: 202C52F instructions: 0x00000000 rdtsc 0x00000002 cld 0x00000003 mov dx, di 0x00000006 clc 0x00000007 mov dword ptr [esp+03h], esp 0x0000000b jmp 00007FC40850AD57h 0x0000000d dec dx 0x0000000f cmc 0x00000010 lea edi, dword ptr [esp-4Eh] 0x00000014 pop eax 0x00000015 xor dl, FFFFFFDAh 0x00000018 mov edx, 0C2319A1h 0x0000001d jmp 00007FC40850ADBBh 0x0000001f add esp, 03h 0x00000022 inc di 0x00000024 cld 0x00000025 push dword ptr [esp+03h] 0x00000029 mov dword ptr [esp+02h], edi 0x0000002d call 00007FC40850AD59h 0x00000032 not edx 0x00000034 jmp 00007FC40850ADCAh 0x00000036 mov di, 5708h 0x0000003a mov dx, D50Dh 0x0000003e mov di, 218Dh 0x00000042 bsf ax, cx 0x00000046 pop edi 0x00000047 cld 0x00000048 jmp 00007FC40850B04Ch 0x0000004d neg dl 0x0000004f push word ptr [esp] 0x00000053 neg al 0x00000055 inc edi 0x00000056 push word ptr [esp+0Dh] 0x0000005b rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C52F second address: 202C2A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC408FFC724h 0x00000007 mov ah, E4h 0x00000009 pop dword ptr [esp+06h] 0x0000000d push word ptr [esp+09h] 0x00000012 neg ax 0x00000015 xchg word ptr [esp+02h], di 0x0000001a cmc 0x0000001b jmp 00007FC408FFC94Bh 0x0000001d xchg byte ptr [esp+02h], al 0x00000021 mov edi, esi 0x00000023 push word ptr [esp] 0x00000027 mov edi, 912CC6F7h 0x0000002c xchg edx, eax 0x0000002e rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C9E2 second address: 202C68A instructions: 0x00000000 rdtsc 0x00000002 mov dl, byte ptr [esp] 0x00000005 xchg dx, ax 0x00000008 bsr dx, di 0x0000000c mov eax, dword ptr [esp] 0x0000000f lea eax, dword ptr [edx+edi] 0x00000012 jmp 00007FC40850ACFBh 0x00000017 adc di, B7E0h 0x0000001c lea eax, dword ptr [esi+000024F4h] 0x00000022 lea edx, dword ptr [00000000h+ebx*4] 0x00000029 xchg byte ptr [esp], dl 0x0000002c bsf edx, eax 0x0000002f mov ax, dx 0x00000032 jmp 00007FC40850AA9Eh 0x00000037 pop di 0x00000039 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C68A second address: 202C622 instructions: 0x00000000 rdtsc 0x00000002 bsf dx, sp 0x00000006 neg dl 0x00000008 bswap eax 0x0000000a not edx 0x0000000c jmp 00007FC408FFC91Bh 0x0000000e std 0x0000000f rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C79E second address: 202C7E1 instructions: 0x00000000 rdtsc 0x00000002 cld 0x00000003 bts edx, eax 0x00000006 bswap eax 0x00000008 jmp 00007FC40850ADF0h 0x0000000a bsr ax, di 0x0000000e pushad 0x0000000f lea esp, dword ptr [esp+5Ch] 0x00000013 mov dh, 08h 0x00000015 mov edx, 0D1EF17Dh 0x0000001a mov ax, 5A05h 0x0000001e call 00007FC40850AD65h 0x00000023 jmp 00007FC40850AD7Ah 0x00000025 pop eax 0x00000026 setl ah 0x00000029 btc ax, bp 0x0000002d rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C7E1 second address: 202C839 instructions: 0x00000000 rdtsc 0x00000002 setb dl 0x00000005 call 00007FC408FFC9F8h 0x0000000a bt di, bp 0x0000000e jmp 00007FC408FFC973h 0x00000010 xchg word ptr [esp], ax 0x00000014 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 202C912 second address: 202CA62 instructions: 0x00000000 rdtsc 0x00000002 mov edi, esp 0x00000004 mov edx, edi 0x00000006 lea esp, dword ptr [esp] 0x00000009 cmc 0x0000000a call 00007FC40850ADB3h 0x0000000f jmp 00007FC40850ADE6h 0x00000011 mov dword ptr [esp], edi 0x00000014 push dword ptr [esp+02h] 0x00000018 mov edx, esp 0x0000001a shr dx, 000Bh 0x0000001e rcl dx, cl 0x00000021 sub esp, 0Dh 0x00000024 jmp 00007FC40850AD29h 0x00000026 mov ah, byte ptr [esp+04h] 0x0000002a not ah 0x0000002c mov edx, dword ptr [esp+10h] 0x00000030 call 00007FC40850ADC4h 0x00000035 bswap eax 0x00000037 mov byte ptr [esp+16h], ch 0x0000003b add ax, ax 0x0000003e jmp 00007FC40850ADC8h 0x00000040 mov dx, ax 0x00000043 xchg word ptr [esp+09h], di 0x00000048 xchg eax, edx 0x00000049 mov byte ptr [esp+0Bh], ch 0x0000004d lea edx, dword ptr [eax+ecx] 0x00000050 pop ax 0x00000052 jmp 00007FC40850AD68h 0x00000054 pushfd 0x00000055 lea edi, dword ptr [00000000h+esi*4] 0x0000005c neg di 0x0000005f jmp 00007FC40850AE35h 0x00000064 cmp edx, CF69AA57h 0x0000006a mov dh, 87h 0x0000006c rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1FA8D27 second address: 1FA8D5D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC408FFC970h 0x00000004 mov eax, edi 0x00000006 call 00007FC408FFC9CAh 0x0000000b xchg dx, ax 0x0000000e mov ax, si 0x00000011 xchg ecx, edx 0x00000013 pushad 0x00000014 xchg dword ptr [esp+20h], eax 0x00000018 jmp 00007FC408FFC969h 0x0000001a mov dx, 8EE9h 0x0000001e pushfd 0x0000001f mov dh, BBh 0x00000021 xchg dword ptr [esp], ecx 0x00000024 mov dx, 47ECh 0x00000028 lea eax, dword ptr [eax-00006640h] 0x0000002e call 00007FC408FFC9BBh 0x00000033 jmp 00007FC408FFC97Ah 0x00000035 mov byte ptr [esp], al 0x00000038 mov dh, ch 0x0000003a xchg dword ptr [esp+28h], eax 0x0000003e rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1F9DB2E second address: 1F9DB36 instructions: 0x00000000 rdtsc 0x00000002 call 00007FC40850AD96h 0x00000007 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1F9DB36 second address: 1F9DC67 instructions: 0x00000000 rdtsc 0x00000002 mov eax, dword ptr [esp+02h] 0x00000006 jmp 00007FC408FFC996h 0x00000008 sete cl 0x0000000b call 00007FC408FFCAA7h 0x00000010 btr edx, ebp 0x00000013 mov ah, byte ptr [esp] 0x00000016 mov esi, 87D39950h 0x0000001b rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1F9DC67 second address: 1F9DC3B instructions: 0x00000000 rdtsc 0x00000002 xchg bl, dh 0x00000004 jmp 00007FC40850AD34h 0x00000006 xchg dword ptr [esp], edi 0x00000009 bswap edx 0x0000000b btc ebx, ecx 0x0000000e xchg dh, dl 0x00000010 not ah 0x00000012 mov dh, byte ptr [esp] 0x00000015 jmp 00007FC40850AD03h 0x0000001a lea edi, dword ptr [edi+000001DCh] 0x00000020 sub esp, 01h 0x00000023 neg bl 0x00000025 mov dx, sp 0x00000028 mov dx, 2953h 0x0000002c lea esp, dword ptr [esp+01h] 0x00000030 jmp 00007FC40850AD63h 0x00000032 xchg dword ptr [esp], edi 0x00000035 xor ecx, 2D1A05F5h 0x0000003b mov ebp, dword ptr [esp] 0x0000003e mov dh, ah 0x00000040 mov bh, byte ptr [esp] 0x00000043 jmp 00007FC40850AD69h 0x00000045 push dword ptr [esp] 0x00000048 retn 0004h 0x0000004b add esp, 08h 0x0000004e jnl 00007FC40850AC26h 0x00000054 pop esi 0x00000055 mov dl, byte ptr [esp] 0x00000058 call 00007FC40850ADACh 0x0000005d xor eax, BFDCF547h 0x00000062 not edx 0x00000064 push dx 0x00000066 lea esp, dword ptr [esp+02h] 0x0000006a xchg dword ptr [esp], ecx 0x0000006d jmp 00007FC40850AD6Ah 0x0000006f cmc 0x00000070 cmc 0x00000071 call 00007FC40850ADB6h 0x00000076 push dword ptr [esp+03h] 0x0000007a mov bl, byte ptr [esp] 0x0000007d lea ecx, dword ptr [ecx-0000001Fh] 0x00000083 cmp ax, 0000244Fh 0x00000087 jmp 00007FC40850ADC7h 0x00000089 mov dl, bl 0x0000008b rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1F9EAA1 second address: 1F9EAA5 instructions: 0x00000000 rdtsc 0x00000002 xchg ebp, edx 0x00000004 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1FD853C second address: 1FD854D instructions: 0x00000000 rdtsc 0x00000002 call 00007FC40850AD96h 0x00000007 lea edx, dword ptr [eax+edi] 0x0000000a clc 0x0000000b mov eax, E4ABA4C0h 0x00000010 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1FD5AF7 second address: 1FD5AF9 instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
RDTSC instruction interceptor: First address: 1FE7F5A second address: 1FE7F5C instructions: 0x00000000 rdtsc 0x00000002 rdtsc |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB23C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EB23C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB23C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EB23C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB23C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EB23C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E953C6 mov eax, dword ptr fs:[00000030h] |
0_2_03E953C6 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E953C6 mov eax, dword ptr fs:[00000030h] |
0_2_03E953C6 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E953C6 mov eax, dword ptr fs:[00000030h] |
0_2_03E953C6 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC53A1 mov eax, dword ptr fs:[00000030h] |
0_2_03EC53A1 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC53A1 mov eax, dword ptr fs:[00000030h] |
0_2_03EC53A1 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EA03A5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EA03A5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA3B0 mov eax, dword ptr fs:[00000030h] |
0_2_03EEA3B0 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3389 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3389 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED3389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC389 mov eax, dword ptr fs:[00000030h] |
0_2_03EDC389 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0382 mov eax, dword ptr fs:[00000030h] |
0_2_03EC0382 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0382 mov eax, dword ptr fs:[00000030h] |
0_2_03EC0382 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0382 mov ecx, dword ptr fs:[00000030h] |
0_2_03EC0382 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBB362 mov eax, dword ptr fs:[00000030h] |
0_2_03EBB362 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED737B mov eax, dword ptr fs:[00000030h] |
0_2_03ED737B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED737B mov eax, dword ptr fs:[00000030h] |
0_2_03ED737B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED737B mov eax, dword ptr fs:[00000030h] |
0_2_03ED737B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7373 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7373 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE1355 mov eax, dword ptr fs:[00000030h] |
0_2_03EE1355 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEF324 mov eax, dword ptr fs:[00000030h] |
0_2_03EEF324 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC033C mov eax, dword ptr fs:[00000030h] |
0_2_03EC033C |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC033C mov eax, dword ptr fs:[00000030h] |
0_2_03EC033C |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE833F mov eax, dword ptr fs:[00000030h] |
0_2_03EE833F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8335 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8335 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8335 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED8335 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD2FF mov eax, dword ptr fs:[00000030h] |
0_2_03EDD2FF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD2FF mov eax, dword ptr fs:[00000030h] |
0_2_03EDD2FF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD2FF mov eax, dword ptr fs:[00000030h] |
0_2_03EDD2FF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD2FF mov eax, dword ptr fs:[00000030h] |
0_2_03EDD2FF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD2FF mov ecx, dword ptr fs:[00000030h] |
0_2_03EDD2FF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC02D4 mov eax, dword ptr fs:[00000030h] |
0_2_03EC02D4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC02D4 mov eax, dword ptr fs:[00000030h] |
0_2_03EC02D4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC02D4 mov eax, dword ptr fs:[00000030h] |
0_2_03EC02D4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC02D4 mov eax, dword ptr fs:[00000030h] |
0_2_03EC02D4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA2D6 mov eax, dword ptr fs:[00000030h] |
0_2_03EEA2D6 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF249 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF249 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF249 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF249 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF249 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF249 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF249 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF249 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF249 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDF249 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1256 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1256 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1256 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1256 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1256 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1256 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5205 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5205 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5205 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5205 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5205 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5205 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5205 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5205 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC71E3 mov eax, dword ptr fs:[00000030h] |
0_2_03EC71E3 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC71E3 mov eax, dword ptr fs:[00000030h] |
0_2_03EC71E3 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA1FC mov eax, dword ptr fs:[00000030h] |
0_2_03EEA1FC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDA1A5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDA1A5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBF1BC mov ecx, dword ptr fs:[00000030h] |
0_2_03EBF1BC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBF1BC mov eax, dword ptr fs:[00000030h] |
0_2_03EBF1BC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA18E mov eax, dword ptr fs:[00000030h] |
0_2_03EEA18E |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA18E mov eax, dword ptr fs:[00000030h] |
0_2_03EEA18E |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA18E mov eax, dword ptr fs:[00000030h] |
0_2_03EEA18E |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3183 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3183 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3183 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED3183 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E94195 mov eax, dword ptr fs:[00000030h] |
0_2_03E94195 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E94195 mov eax, dword ptr fs:[00000030h] |
0_2_03E94195 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE816F mov eax, dword ptr fs:[00000030h] |
0_2_03EE816F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE816F mov eax, dword ptr fs:[00000030h] |
0_2_03EE816F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE816F mov eax, dword ptr fs:[00000030h] |
0_2_03EE816F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED5166 mov eax, dword ptr fs:[00000030h] |
0_2_03ED5166 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E9417B mov eax, dword ptr fs:[00000030h] |
0_2_03E9417B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E9417B mov eax, dword ptr fs:[00000030h] |
0_2_03E9417B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF155 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF155 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E99156 mov esi, dword ptr fs:[00000030h] |
0_2_03E99156 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED4135 mov eax, dword ptr fs:[00000030h] |
0_2_03ED4135 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED5100 mov eax, dword ptr fs:[00000030h] |
0_2_03ED5100 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEB0E9 mov eax, dword ptr fs:[00000030h] |
0_2_03EEB0E9 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEB0E9 mov eax, dword ptr fs:[00000030h] |
0_2_03EEB0E9 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E940FC mov eax, dword ptr fs:[00000030h] |
0_2_03E940FC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED40D5 mov eax, dword ptr fs:[00000030h] |
0_2_03ED40D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEB0A5 mov eax, dword ptr fs:[00000030h] |
0_2_03EEB0A5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8091 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8091 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8091 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8091 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF3044 mov eax, dword ptr fs:[00000030h] |
0_2_03EF3044 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF3044 mov ecx, dword ptr fs:[00000030h] |
0_2_03EF3044 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF035 mov eax, dword ptr fs:[00000030h] |
0_2_03EDF035 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDF035 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDF035 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF1007 mov eax, dword ptr fs:[00000030h] |
0_2_03EF1007 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF1007 mov eax, dword ptr fs:[00000030h] |
0_2_03EF1007 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3003 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3003 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3003 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3003 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBF018 mov ecx, dword ptr fs:[00000030h] |
0_2_03EBF018 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBF018 mov eax, dword ptr fs:[00000030h] |
0_2_03EBF018 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E917E3 mov eax, dword ptr fs:[00000030h] |
0_2_03E917E3 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDC7F5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDC7F5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC47F5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC47F5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC47F5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC47F5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC97F5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC97F5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBB7C3 mov eax, dword ptr fs:[00000030h] |
0_2_03EBB7C3 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBB7C3 mov eax, dword ptr fs:[00000030h] |
0_2_03EBB7C3 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA7DD mov eax, dword ptr fs:[00000030h] |
0_2_03EEA7DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA7DD mov eax, dword ptr fs:[00000030h] |
0_2_03EEA7DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E9F7D0 mov eax, dword ptr fs:[00000030h] |
0_2_03E9F7D0 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ECD769 mov eax, dword ptr fs:[00000030h] |
0_2_03ECD769 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ECD769 mov ecx, dword ptr fs:[00000030h] |
0_2_03ECD769 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE1775 mov eax, dword ptr fs:[00000030h] |
0_2_03EE1775 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3747 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3747 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3747 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3747 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4758 mov eax, dword ptr fs:[00000030h] |
0_2_03EF4758 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4758 mov eax, dword ptr fs:[00000030h] |
0_2_03EF4758 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED172A mov eax, dword ptr fs:[00000030h] |
0_2_03ED172A |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED172A mov ecx, dword ptr fs:[00000030h] |
0_2_03ED172A |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE0724 mov eax, dword ptr fs:[00000030h] |
0_2_03EE0724 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF0739 mov eax, dword ptr fs:[00000030h] |
0_2_03EF0739 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF0739 mov eax, dword ptr fs:[00000030h] |
0_2_03EF0739 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF0739 mov eax, dword ptr fs:[00000030h] |
0_2_03EF0739 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF0739 mov eax, dword ptr fs:[00000030h] |
0_2_03EF0739 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8705 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8705 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8705 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED8705 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EA06F2 mov eax, dword ptr fs:[00000030h] |
0_2_03EA06F2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EA06F2 mov ecx, dword ptr fs:[00000030h] |
0_2_03EA06F2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EA06F2 mov eax, dword ptr fs:[00000030h] |
0_2_03EA06F2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF36C4 mov eax, dword ptr fs:[00000030h] |
0_2_03EF36C4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF36C4 mov eax, dword ptr fs:[00000030h] |
0_2_03EF36C4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E986D5 mov eax, dword ptr fs:[00000030h] |
0_2_03E986D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E986D5 mov ecx, dword ptr fs:[00000030h] |
0_2_03E986D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED168B mov eax, dword ptr fs:[00000030h] |
0_2_03ED168B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3669 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3669 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED2662 mov eax, dword ptr fs:[00000030h] |
0_2_03ED2662 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED2662 mov eax, dword ptr fs:[00000030h] |
0_2_03ED2662 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB2635 mov eax, dword ptr fs:[00000030h] |
0_2_03EB2635 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB2635 mov ecx, dword ptr fs:[00000030h] |
0_2_03EB2635 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB2635 mov eax, dword ptr fs:[00000030h] |
0_2_03EB2635 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA61F mov eax, dword ptr fs:[00000030h] |
0_2_03EEA61F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED35E4 mov eax, dword ptr fs:[00000030h] |
0_2_03ED35E4 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC55C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC55C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF45C2 mov eax, dword ptr fs:[00000030h] |
0_2_03EF45C2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF45C2 mov eax, dword ptr fs:[00000030h] |
0_2_03EF45C2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF45C2 mov eax, dword ptr fs:[00000030h] |
0_2_03EF45C2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF45C2 mov eax, dword ptr fs:[00000030h] |
0_2_03EF45C2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E9A5B5 mov eax, dword ptr fs:[00000030h] |
0_2_03E9A5B5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC4575 mov eax, dword ptr fs:[00000030h] |
0_2_03EC4575 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC4575 mov eax, dword ptr fs:[00000030h] |
0_2_03EC4575 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC4575 mov eax, dword ptr fs:[00000030h] |
0_2_03EC4575 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC4575 mov eax, dword ptr fs:[00000030h] |
0_2_03EC4575 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA571 mov eax, dword ptr fs:[00000030h] |
0_2_03EEA571 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEA571 mov eax, dword ptr fs:[00000030h] |
0_2_03EEA571 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED154F mov eax, dword ptr fs:[00000030h] |
0_2_03ED154F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE1545 mov eax, dword ptr fs:[00000030h] |
0_2_03EE1545 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB8526 mov eax, dword ptr fs:[00000030h] |
0_2_03EB8526 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB8526 mov eax, dword ptr fs:[00000030h] |
0_2_03EB8526 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB8526 mov eax, dword ptr fs:[00000030h] |
0_2_03EB8526 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB8526 mov eax, dword ptr fs:[00000030h] |
0_2_03EB8526 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB8526 mov eax, dword ptr fs:[00000030h] |
0_2_03EB8526 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB3535 mov eax, dword ptr fs:[00000030h] |
0_2_03EB3535 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED1515 mov eax, dword ptr fs:[00000030h] |
0_2_03ED1515 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5515 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5515 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF34E2 mov eax, dword ptr fs:[00000030h] |
0_2_03EF34E2 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF44D5 mov eax, dword ptr fs:[00000030h] |
0_2_03EF44D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF44D5 mov eax, dword ptr fs:[00000030h] |
0_2_03EF44D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE14D5 mov eax, dword ptr fs:[00000030h] |
0_2_03EE14D5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF24A5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EF24A5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE848E mov eax, dword ptr fs:[00000030h] |
0_2_03EE848E |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEF48D mov eax, dword ptr fs:[00000030h] |
0_2_03EEF48D |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8485 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8485 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8485 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED8485 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov ecx, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB7492 mov eax, dword ptr fs:[00000030h] |
0_2_03EB7492 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1465 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1465 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1465 mov ecx, dword ptr fs:[00000030h] |
0_2_03EB1465 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1465 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1465 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBB455 mov eax, dword ptr fs:[00000030h] |
0_2_03EBB455 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EBB455 mov eax, dword ptr fs:[00000030h] |
0_2_03EBB455 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3435 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3435 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3435 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3435 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3435 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3435 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3435 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED3435 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC8408 mov eax, dword ptr fs:[00000030h] |
0_2_03EC8408 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC8408 mov eax, dword ptr fs:[00000030h] |
0_2_03EC8408 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E99401 mov eax, dword ptr fs:[00000030h] |
0_2_03E99401 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E99401 mov ecx, dword ptr fs:[00000030h] |
0_2_03E99401 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED7406 mov eax, dword ptr fs:[00000030h] |
0_2_03ED7406 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1BE5 mov eax, dword ptr fs:[00000030h] |
0_2_03EB1BE5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EB1BE5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EB1BE5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE1BF1 mov eax, dword ptr fs:[00000030h] |
0_2_03EE1BF1 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC5BC5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC5BC5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3BD5 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3BD5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED3BD5 mov eax, dword ptr fs:[00000030h] |
0_2_03ED3BD5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1B65 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1B65 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1B65 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1B65 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1B65 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1B65 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEBB49 mov eax, dword ptr fs:[00000030h] |
0_2_03EEBB49 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEEB43 mov eax, dword ptr fs:[00000030h] |
0_2_03EEEB43 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC2B55 mov eax, dword ptr fs:[00000030h] |
0_2_03EC2B55 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC2B55 mov ecx, dword ptr fs:[00000030h] |
0_2_03EC2B55 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE6B2C mov eax, dword ptr fs:[00000030h] |
0_2_03EE6B2C |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE6B2C mov ecx, dword ptr fs:[00000030h] |
0_2_03EE6B2C |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF0B3C mov eax, dword ptr fs:[00000030h] |
0_2_03EF0B3C |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDBB35 mov eax, dword ptr fs:[00000030h] |
0_2_03EDBB35 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDBB35 mov eax, dword ptr fs:[00000030h] |
0_2_03EDBB35 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF3AFF mov eax, dword ptr fs:[00000030h] |
0_2_03EF3AFF |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0AAC mov eax, dword ptr fs:[00000030h] |
0_2_03EC0AAC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0AAC mov eax, dword ptr fs:[00000030h] |
0_2_03EC0AAC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0AAC mov eax, dword ptr fs:[00000030h] |
0_2_03EC0AAC |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4AAB mov eax, dword ptr fs:[00000030h] |
0_2_03EF4AAB |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4AAB mov eax, dword ptr fs:[00000030h] |
0_2_03EF4AAB |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4AAB mov eax, dword ptr fs:[00000030h] |
0_2_03EF4AAB |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF4AAB mov eax, dword ptr fs:[00000030h] |
0_2_03EF4AAB |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF1A67 mov eax, dword ptr fs:[00000030h] |
0_2_03EF1A67 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED2A25 mov eax, dword ptr fs:[00000030h] |
0_2_03ED2A25 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED29E5 mov eax, dword ptr fs:[00000030h] |
0_2_03ED29E5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC49C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EC49C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE09DD mov eax, dword ptr fs:[00000030h] |
0_2_03EE09DD |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF098B mov eax, dword ptr fs:[00000030h] |
0_2_03EF098B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF098B mov eax, dword ptr fs:[00000030h] |
0_2_03EF098B |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD985 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDD985 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE799A mov eax, dword ptr fs:[00000030h] |
0_2_03EE799A |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE799A mov eax, dword ptr fs:[00000030h] |
0_2_03EE799A |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0922 mov eax, dword ptr fs:[00000030h] |
0_2_03EC0922 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0922 mov eax, dword ptr fs:[00000030h] |
0_2_03EC0922 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC0922 mov ecx, dword ptr fs:[00000030h] |
0_2_03EC0922 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1935 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1935 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1935 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC1935 mov eax, dword ptr fs:[00000030h] |
0_2_03EC1935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E91935 mov eax, dword ptr fs:[00000030h] |
0_2_03E91935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E91935 mov eax, dword ptr fs:[00000030h] |
0_2_03E91935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E91935 mov eax, dword ptr fs:[00000030h] |
0_2_03E91935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03E91935 mov eax, dword ptr fs:[00000030h] |
0_2_03E91935 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED28E5 mov eax, dword ptr fs:[00000030h] |
0_2_03ED28E5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD8F5 mov eax, dword ptr fs:[00000030h] |
0_2_03EDD8F5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF28C5 mov eax, dword ptr fs:[00000030h] |
0_2_03EF28C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF28C5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EF28C5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EDD8B5 mov ecx, dword ptr fs:[00000030h] |
0_2_03EDD8B5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EE18B5 mov eax, dword ptr fs:[00000030h] |
0_2_03EE18B5 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EA088F mov eax, dword ptr fs:[00000030h] |
0_2_03EA088F |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EC286A mov eax, dword ptr fs:[00000030h] |
0_2_03EC286A |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EEC866 mov eax, dword ptr fs:[00000030h] |
0_2_03EEC866 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8855 mov eax, dword ptr fs:[00000030h] |
0_2_03ED8855 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03ED8855 mov ecx, dword ptr fs:[00000030h] |
0_2_03ED8855 |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF482E mov eax, dword ptr fs:[00000030h] |
0_2_03EF482E |
| Source: C:\Users\user\Desktop\01vwXiyQ8K.exe |
Code function: 0_2_03EF482E mov eax, dword ptr fs:[00000030h] |
0_2_03EF482E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E993F4 mov eax, dword ptr fs:[00000030h] |
6_2_03E993F4 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E693D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E693D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E693D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E693D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E693D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E693D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E693D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E693D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6A3A7 mov eax, dword ptr fs:[00000030h] |
6_2_03E6A3A7 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E78360 mov eax, dword ptr fs:[00000030h] |
6_2_03E78360 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E78360 mov eax, dword ptr fs:[00000030h] |
6_2_03E78360 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5D36F mov ecx, dword ptr fs:[00000030h] |
6_2_03E5D36F |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5D36F mov eax, dword ptr fs:[00000030h] |
6_2_03E5D36F |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F373 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F373 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F373 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F373 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7C342 mov eax, dword ptr fs:[00000030h] |
6_2_03E7C342 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7C342 mov eax, dword ptr fs:[00000030h] |
6_2_03E7C342 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7C342 mov eax, dword ptr fs:[00000030h] |
6_2_03E7C342 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98308 mov eax, dword ptr fs:[00000030h] |
6_2_03E98308 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98308 mov eax, dword ptr fs:[00000030h] |
6_2_03E98308 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E452E7 mov eax, dword ptr fs:[00000030h] |
6_2_03E452E7 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E452E7 mov eax, dword ptr fs:[00000030h] |
6_2_03E452E7 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E952F9 mov eax, dword ptr fs:[00000030h] |
6_2_03E952F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E842F9 mov eax, dword ptr fs:[00000030h] |
6_2_03E842F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E842F9 mov eax, dword ptr fs:[00000030h] |
6_2_03E842F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E842F9 mov eax, dword ptr fs:[00000030h] |
6_2_03E842F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E842F9 mov eax, dword ptr fs:[00000030h] |
6_2_03E842F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E842F9 mov ecx, dword ptr fs:[00000030h] |
6_2_03E842F9 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5B2F0 mov eax, dword ptr fs:[00000030h] |
6_2_03E5B2F0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E812F1 mov eax, dword ptr fs:[00000030h] |
6_2_03E812F1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E812F1 mov ecx, dword ptr fs:[00000030h] |
6_2_03E812F1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E862CC mov eax, dword ptr fs:[00000030h] |
6_2_03E862CC |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E562C0 mov eax, dword ptr fs:[00000030h] |
6_2_03E562C0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E562C0 mov ecx, dword ptr fs:[00000030h] |
6_2_03E562C0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6A2A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E6A2A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E782B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E782B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E782B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E782B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66240 mov eax, dword ptr fs:[00000030h] |
6_2_03E66240 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66240 mov eax, dword ptr fs:[00000030h] |
6_2_03E66240 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66240 mov eax, dword ptr fs:[00000030h] |
6_2_03E66240 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E90224 mov eax, dword ptr fs:[00000030h] |
6_2_03E90224 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E67230 mov eax, dword ptr fs:[00000030h] |
6_2_03E67230 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E67230 mov ecx, dword ptr fs:[00000030h] |
6_2_03E67230 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8B207 mov eax, dword ptr fs:[00000030h] |
6_2_03E8B207 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8B207 mov ecx, dword ptr fs:[00000030h] |
6_2_03E8B207 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9321E mov eax, dword ptr fs:[00000030h] |
6_2_03E9321E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80210 mov eax, dword ptr fs:[00000030h] |
6_2_03E80210 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80210 mov eax, dword ptr fs:[00000030h] |
6_2_03E80210 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E95217 mov eax, dword ptr fs:[00000030h] |
6_2_03E95217 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E981DA mov eax, dword ptr fs:[00000030h] |
6_2_03E981DA |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E65187 mov eax, dword ptr fs:[00000030h] |
6_2_03E65187 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E65187 mov eax, dword ptr fs:[00000030h] |
6_2_03E65187 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E65187 mov eax, dword ptr fs:[00000030h] |
6_2_03E65187 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E99186 mov eax, dword ptr fs:[00000030h] |
6_2_03E99186 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E99186 mov eax, dword ptr fs:[00000030h] |
6_2_03E99186 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E99186 mov eax, dword ptr fs:[00000030h] |
6_2_03E99186 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E99186 mov eax, dword ptr fs:[00000030h] |
6_2_03E99186 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E96142 mov eax, dword ptr fs:[00000030h] |
6_2_03E96142 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77100 mov eax, dword ptr fs:[00000030h] |
6_2_03E77100 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E770C0 mov eax, dword ptr fs:[00000030h] |
6_2_03E770C0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov ecx, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E690A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E690A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E850B8 mov eax, dword ptr fs:[00000030h] |
6_2_03E850B8 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E82060 mov ecx, dword ptr fs:[00000030h] |
6_2_03E82060 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E95066 mov eax, dword ptr fs:[00000030h] |
6_2_03E95066 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E95066 mov eax, dword ptr fs:[00000030h] |
6_2_03E95066 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C075 mov eax, dword ptr fs:[00000030h] |
6_2_03E8C075 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C075 mov eax, dword ptr fs:[00000030h] |
6_2_03E8C075 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E36010 mov eax, dword ptr fs:[00000030h] |
6_2_03E36010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E36010 mov eax, dword ptr fs:[00000030h] |
6_2_03E36010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E36010 mov eax, dword ptr fs:[00000030h] |
6_2_03E36010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E36010 mov eax, dword ptr fs:[00000030h] |
6_2_03E36010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66010 mov eax, dword ptr fs:[00000030h] |
6_2_03E66010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66010 mov eax, dword ptr fs:[00000030h] |
6_2_03E66010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66010 mov eax, dword ptr fs:[00000030h] |
6_2_03E66010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E66010 mov eax, dword ptr fs:[00000030h] |
6_2_03E66010 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F7C4 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F7C4 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F7C4 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F7C4 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E387D7 mov eax, dword ptr fs:[00000030h] |
6_2_03E387D7 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E797DB mov eax, dword ptr fs:[00000030h] |
6_2_03E797DB |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E787B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E787B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F780 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F780 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7C76C mov eax, dword ptr fs:[00000030h] |
6_2_03E7C76C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7C76C mov eax, dword ptr fs:[00000030h] |
6_2_03E7C76C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9771F mov eax, dword ptr fs:[00000030h] |
6_2_03E9771F |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9771F mov ecx, dword ptr fs:[00000030h] |
6_2_03E9771F |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E83710 mov eax, dword ptr fs:[00000030h] |
6_2_03E83710 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E83710 mov ecx, dword ptr fs:[00000030h] |
6_2_03E83710 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E956E2 mov eax, dword ptr fs:[00000030h] |
6_2_03E956E2 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E956E2 mov eax, dword ptr fs:[00000030h] |
6_2_03E956E2 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E636F3 mov ecx, dword ptr fs:[00000030h] |
6_2_03E636F3 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E636F3 mov eax, dword ptr fs:[00000030h] |
6_2_03E636F3 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7D6D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E7D6D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7D6D0 mov eax, dword ptr fs:[00000030h] |
6_2_03E7D6D0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E776DE mov eax, dword ptr fs:[00000030h] |
6_2_03E776DE |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E776DE mov eax, dword ptr fs:[00000030h] |
6_2_03E776DE |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E646A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E646A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E646A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E646A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E646A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E646A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E646A0 mov eax, dword ptr fs:[00000030h] |
6_2_03E646A0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E786B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E786B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E786B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E786B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E35657 mov eax, dword ptr fs:[00000030h] |
6_2_03E35657 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E35657 mov ecx, dword ptr fs:[00000030h] |
6_2_03E35657 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E78650 mov eax, dword ptr fs:[00000030h] |
6_2_03E78650 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov ecx, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69610 mov eax, dword ptr fs:[00000030h] |
6_2_03E69610 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E775F0 mov eax, dword ptr fs:[00000030h] |
6_2_03E775F0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E775F0 mov eax, dword ptr fs:[00000030h] |
6_2_03E775F0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9958E mov eax, dword ptr fs:[00000030h] |
6_2_03E9958E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9958E mov eax, dword ptr fs:[00000030h] |
6_2_03E9958E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9958E mov eax, dword ptr fs:[00000030h] |
6_2_03E9958E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E4558C mov eax, dword ptr fs:[00000030h] |
6_2_03E4558C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E4558C mov eax, dword ptr fs:[00000030h] |
6_2_03E4558C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77590 mov eax, dword ptr fs:[00000030h] |
6_2_03E77590 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6451E mov eax, dword ptr fs:[00000030h] |
6_2_03E6451E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6451E mov eax, dword ptr fs:[00000030h] |
6_2_03E6451E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E994C1 mov eax, dword ptr fs:[00000030h] |
6_2_03E994C1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E814C0 mov eax, dword ptr fs:[00000030h] |
6_2_03E814C0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E814C0 mov ecx, dword ptr fs:[00000030h] |
6_2_03E814C0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E674B0 mov eax, dword ptr fs:[00000030h] |
6_2_03E674B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E674B0 mov ecx, dword ptr fs:[00000030h] |
6_2_03E674B0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9548A mov eax, dword ptr fs:[00000030h] |
6_2_03E9548A |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E9548A mov eax, dword ptr fs:[00000030h] |
6_2_03E9548A |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98491 mov eax, dword ptr fs:[00000030h] |
6_2_03E98491 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98491 mov eax, dword ptr fs:[00000030h] |
6_2_03E98491 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7D444 mov eax, dword ptr fs:[00000030h] |
6_2_03E7D444 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E3A448 mov eax, dword ptr fs:[00000030h] |
6_2_03E3A448 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov eax, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov eax, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov eax, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov ecx, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov eax, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8C45E mov ecx, dword ptr fs:[00000030h] |
6_2_03E8C45E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F452 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F452 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8F452 mov eax, dword ptr fs:[00000030h] |
6_2_03E8F452 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7B42C mov ecx, dword ptr fs:[00000030h] |
6_2_03E7B42C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E90416 mov eax, dword ptr fs:[00000030h] |
6_2_03E90416 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E90416 mov eax, dword ptr fs:[00000030h] |
6_2_03E90416 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E90416 mov eax, dword ptr fs:[00000030h] |
6_2_03E90416 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69BF0 mov eax, dword ptr fs:[00000030h] |
6_2_03E69BF0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E75BF0 mov eax, dword ptr fs:[00000030h] |
6_2_03E75BF0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E97BBD mov eax, dword ptr fs:[00000030h] |
6_2_03E97BBD |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E85BB0 mov eax, dword ptr fs:[00000030h] |
6_2_03E85BB0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98BB0 mov eax, dword ptr fs:[00000030h] |
6_2_03E98BB0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E98BB0 mov eax, dword ptr fs:[00000030h] |
6_2_03E98BB0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E96B80 mov ecx, dword ptr fs:[00000030h] |
6_2_03E96B80 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8CB69 mov eax, dword ptr fs:[00000030h] |
6_2_03E8CB69 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E93B68 mov eax, dword ptr fs:[00000030h] |
6_2_03E93B68 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7CB60 mov eax, dword ptr fs:[00000030h] |
6_2_03E7CB60 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7CB60 mov ecx, dword ptr fs:[00000030h] |
6_2_03E7CB60 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov eax, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov ecx, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov eax, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov eax, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov eax, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BB6D mov eax, dword ptr fs:[00000030h] |
6_2_03E5BB6D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E55B40 mov eax, dword ptr fs:[00000030h] |
6_2_03E55B40 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E55B40 mov ecx, dword ptr fs:[00000030h] |
6_2_03E55B40 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E55B40 mov eax, dword ptr fs:[00000030h] |
6_2_03E55B40 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5FB30 mov eax, dword ptr fs:[00000030h] |
6_2_03E5FB30 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5FB30 mov eax, dword ptr fs:[00000030h] |
6_2_03E5FB30 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77B10 mov eax, dword ptr fs:[00000030h] |
6_2_03E77B10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77B10 mov eax, dword ptr fs:[00000030h] |
6_2_03E77B10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77B10 mov eax, dword ptr fs:[00000030h] |
6_2_03E77B10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77B10 mov ecx, dword ptr fs:[00000030h] |
6_2_03E77B10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6CAE3 mov eax, dword ptr fs:[00000030h] |
6_2_03E6CAE3 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E6CAE3 mov eax, dword ptr fs:[00000030h] |
6_2_03E6CAE3 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7BAE1 mov eax, dword ptr fs:[00000030h] |
6_2_03E7BAE1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E3DADC mov eax, dword ptr fs:[00000030h] |
6_2_03E3DADC |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E3DADC mov ecx, dword ptr fs:[00000030h] |
6_2_03E3DADC |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E39AA1 mov eax, dword ptr fs:[00000030h] |
6_2_03E39AA1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E39AA1 mov eax, dword ptr fs:[00000030h] |
6_2_03E39AA1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E39AA1 mov eax, dword ptr fs:[00000030h] |
6_2_03E39AA1 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E56AA0 mov eax, dword ptr fs:[00000030h] |
6_2_03E56AA0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E56AA0 mov eax, dword ptr fs:[00000030h] |
6_2_03E56AA0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E56AA0 mov eax, dword ptr fs:[00000030h] |
6_2_03E56AA0 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8EA8B mov eax, dword ptr fs:[00000030h] |
6_2_03E8EA8B |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E44A80 mov ecx, dword ptr fs:[00000030h] |
6_2_03E44A80 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E77A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E77A64 mov ecx, dword ptr fs:[00000030h] |
6_2_03E77A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov ecx, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E80A64 mov eax, dword ptr fs:[00000030h] |
6_2_03E80A64 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69A7C mov eax, dword ptr fs:[00000030h] |
6_2_03E69A7C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E69A7C mov eax, dword ptr fs:[00000030h] |
6_2_03E69A7C |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5BA4E mov eax, dword ptr fs:[00000030h] |
6_2_03E5BA4E |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7BA56 mov eax, dword ptr fs:[00000030h] |
6_2_03E7BA56 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7BA56 mov eax, dword ptr fs:[00000030h] |
6_2_03E7BA56 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7BA56 mov eax, dword ptr fs:[00000030h] |
6_2_03E7BA56 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E64A5D mov eax, dword ptr fs:[00000030h] |
6_2_03E64A5D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E64A5D mov eax, dword ptr fs:[00000030h] |
6_2_03E64A5D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E64A5D mov ecx, dword ptr fs:[00000030h] |
6_2_03E64A5D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E5FA3D mov eax, dword ptr fs:[00000030h] |
6_2_03E5FA3D |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E85A30 mov eax, dword ptr fs:[00000030h] |
6_2_03E85A30 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E64A17 mov eax, dword ptr fs:[00000030h] |
6_2_03E64A17 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E64A17 mov eax, dword ptr fs:[00000030h] |
6_2_03E64A17 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E8CA1A mov eax, dword ptr fs:[00000030h] |
6_2_03E8CA1A |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7CA10 mov eax, dword ptr fs:[00000030h] |
6_2_03E7CA10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E7CA10 mov ecx, dword ptr fs:[00000030h] |
6_2_03E7CA10 |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E939FF mov eax, dword ptr fs:[00000030h] |
6_2_03E939FF |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E819DA mov eax, dword ptr fs:[00000030h] |
6_2_03E819DA |
| Source: C:\Users\user\AppData\Roaming\COM Surrogates\COM Services.exe |
Code function: 6_2_03E819DA mov eax, dword ptr fs:[00000030h] |
6_2_03E819DA |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet