Source: sj-pulse-ui.exe |
Static PE information: certificate valid |
Source: sj-pulse-ui.exe |
Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Source: |
Binary string: C:\GitLab-Runner\builds\ywNX1RjN\1\behavior\chuck-norrisk\sj-pulse-desktop\cmakebuild\Release\bin\sj-pulse-ui.pdb source: sj-pulse-ui.exe |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDFF588 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,__std_fs_open_handle,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,CloseHandle,CloseHandle,abort, |
0_2_00007FF7DFDFF588 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDFF514 FindClose,abort,FindFirstFileExW,GetLastError, |
0_2_00007FF7DFDFF514 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/ |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/ |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://ocsp.digicert.com0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://ocsp.digicert.com0A |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://ocsp.digicert.com0C |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://ocsp.digicert.com0X |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://pixelspread.comThis |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://scripts.sil.org/OFLhttp://sc |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLOpen |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLRalewayThinRalewayRomanWeightExtraLight |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLRalewayThinRalewayRomanWeightExtraLightLightMedi |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://theleagueofmoveabletype.comhttp://pixelspread.comThis |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://www.digicert.com/CPS0 |
Source: sj-pulse-ui.exe |
String found in binary or memory: http://www.gimp.org/xmp/ |
Source: sj-pulse-ui.exe |
String found in binary or memory: https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter |
Source: sj-pulse-ui.exe |
String found in binary or memory: https://rsms.me/This |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD920E0 |
0_2_00007FF7DFD920E0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD6F0C0 |
0_2_00007FF7DFD6F0C0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD83070 |
0_2_00007FF7DFD83070 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD78070 |
0_2_00007FF7DFD78070 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD75040 |
0_2_00007FF7DFD75040 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD5EFA0 |
0_2_00007FF7DFD5EFA0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD9DE83 |
0_2_00007FF7DFD9DE83 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD94E90 |
0_2_00007FF7DFD94E90 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4AE90 |
0_2_00007FF7DFD4AE90 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDBDDA0 |
0_2_00007FF7DFDBDDA0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD99D90 |
0_2_00007FF7DFD99D90 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD5ECE0 |
0_2_00007FF7DFD5ECE0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD7DCE0 |
0_2_00007FF7DFD7DCE0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4BCF0 |
0_2_00007FF7DFD4BCF0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD91CB0 |
0_2_00007FF7DFD91CB0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD5DB50 |
0_2_00007FF7DFD5DB50 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD979C0 |
0_2_00007FF7DFD979C0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDD69D0 |
0_2_00007FF7DFDD69D0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4B9D0 |
0_2_00007FF7DFD4B9D0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD86860 |
0_2_00007FF7DFD86860 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD587E0 |
0_2_00007FF7DFD587E0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD6F790 |
0_2_00007FF7DFD6F790 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD41740 |
0_2_00007FF7DFD41740 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDC6730 |
0_2_00007FF7DFDC6730 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD63730 |
0_2_00007FF7DFD63730 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD73710 |
0_2_00007FF7DFD73710 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD91630 |
0_2_00007FF7DFD91630 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDD6630 |
0_2_00007FF7DFDD6630 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD6F600 |
0_2_00007FF7DFD6F600 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD925C0 |
0_2_00007FF7DFD925C0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD835A0 |
0_2_00007FF7DFD835A0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDFF588 |
0_2_00007FF7DFDFF588 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDA5530 |
0_2_00007FF7DFDA5530 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD8F530 |
0_2_00007FF7DFD8F530 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4C4F0 |
0_2_00007FF7DFD4C4F0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD744F0 |
0_2_00007FF7DFD744F0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDCE460 |
0_2_00007FF7DFDCE460 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDB6450 |
0_2_00007FF7DFDB6450 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4A450 |
0_2_00007FF7DFD4A450 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD78450 |
0_2_00007FF7DFD78450 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD6F450 |
0_2_00007FF7DFD6F450 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD7B400 |
0_2_00007FF7DFD7B400 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD553E0 |
0_2_00007FF7DFD553E0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD90320 |
0_2_00007FF7DFD90320 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD43220 |
0_2_00007FF7DFD43220 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDC21D0 |
0_2_00007FF7DFDC21D0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD801D0 |
0_2_00007FF7DFD801D0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD6C1D0 |
0_2_00007FF7DFD6C1D0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD671A0 |
0_2_00007FF7DFD671A0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD87166 |
0_2_00007FF7DFD87166 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFD4D140 |
0_2_00007FF7DFD4D140 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: String function: 00007FF7DFD44990 appears 91 times |
|
Source: sj-pulse-ui.exe |
Binary or memory string: OriginalFilename vs sj-pulse-ui.exe |
Source: classification engine |
Classification label: clean3.winEXE@1/0@0/0 |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Code function: 0_2_00007FF7DFDCE460 CoInitializeEx,CoInitializeSecurity,CoCreateInstance,#2,#6,CoSetProxyBlanket,#6,#6,#8,#2,#8,#12,#2,#9,#6,#9,#2,#8,#12,#2,#9,#6,#9,#9,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,CoUninitialize, |
0_2_00007FF7DFDCE460 |
Source: sj-pulse-ui.exe |
Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\sj-pulse-ui.exe |
Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Jump to behavior |
Source: sj-pulse-ui.exe |
String found in binary or memory: Accept-Additions |
Source: sj-pulse-ui.exe |
String found in binary or memory: C:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v6.ipp |
Source: sj-pulse-ui.exe |
String found in binary or memory: C:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v4.ipp |
Source: sj-pulse-ui.exe |
String found in binary or memory: Originator-Return-Address |
Source: sj-pulse-ui.exe |
String found in binary or memory: MMHS-Exempted-Address |
Source: sj-pulse-ui.exe |
String found in binary or memory: List-Help |
Source: sj-pulse-ui.exe |
String found in binary or memory: C:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v4.ipp |
Source: sj-pulse-ui.exe |
String found in binary or memory: C:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/detail/reactive_socket_send_op.hpp255.255.255.255to_stringC:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v4.ipp |
Source: sj-pulse-ui.exe |
String found in binary or memory: C:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v6.ipp |
Source: sj-pulse-ui.exe |
String found in binary or memory: bad address castC:\DISQO-Dev\vcpkg\installed\x64-windows\include\boost/asio/ip/impl/address_v6.ipp`c |
Source: sj-pulse-ui.exe |
String found in binary or memory: Accept-Additions |
Source: sj-pulse-ui.exe |
String found in binary or memory: List-Help |
Source: sj-pulse-ui.exe |
String found in binary or memory: MMHS-Exempted-Address |
Source: sj-pulse-ui.exe |
String found in binary or memory: Originator-Return-Address |
Source: sj-pulse-ui.exe |
String found in binary or memory: <unknown-field>A-IMAcceptAccept-AdditionsAccept-CharsetAccept-DatetimeAccept-EncodingAccept-FeaturesAccept-LanguageAccept-PatchAccept-PostAccept-RangesAccess-ControlAccess-Control-Allow-CredentialsAccess-Control-Allow-HeadersAccess-Control-Allow-MethodsAccess-Control-Allow-OriginAccess-Control-Expose-HeadersAccess-Control-Max-AgeAccess-Control-Request-HeadersAccess-Control-Request-MethodAgeAllowALPNAlso-ControlAlt-SvcAlt-UsedAlternate-RecipientAlternatesApparently-ToApply-To-Redirect-RefApprovedArchiveArchived-AtArticle-NamesArticle-UpdatesAuthentication-ControlAuthentication-InfoAuthentication-ResultsAuthorizationAuto-SubmittedAutoforwardedAutosubmittedBaseBccBodyC-ExtC-ManC-OptC-PEPC-PEP-InfoCache-ControlCalDAV-TimezonesCancel-KeyCancel-LockCcCloseCommentsComplianceConnectionContent-AlternativeContent-BaseContent-DescriptionContent-DispositionContent-DurationContent-EncodingContent-featuresContent-IDContent-IdentifierContent-LanguageContent-LengthContent-LocationContent-MD5Content-RangeContent-ReturnContent-Script-TypeContent-Style-TypeContent-Transfer-EncodingContent-TypeContent-VersionControlConversionConversion-With-LossCookieCookie2CostDASLDateDate-ReceivedDAVDefault-StyleDeferred-DeliveryDelivery-DateDelta-BaseDepthDerived-FromDestinationDifferential-IDDigestDiscarded-X400-IPMS-ExtensionsDiscarded-X400-MTS-ExtensionsDisclose-RecipientsDisposition-Notification-OptionsDisposition-Notification-ToDistributionDKIM-SignatureDL-Expansion-HistoryDowngraded-BccDowngraded-CcDowngraded-Disposition-Notification-ToDowngraded-Final-RecipientDowngraded-FromDowngraded-In-Reply-ToDowngraded-Mail-FromDowngraded-Message-IdDowngraded-Original-RecipientDowngraded-Rcpt-ToDowngraded-ReferencesDowngraded-Reply-ToDowngraded-Resent-BccDowngraded-Resent-CcDowngraded-Resent-FromDowngraded-Resent-Reply-ToDowngraded-Resent-SenderDowngraded-Resent-ToDowngraded-Return-PathDowngraded-SenderDowngraded-ToEDIINT-FeaturesEesst-VersionEncodingEncryptedErrors-ToETagExpectExpiresExpiry-DateExtFollowup-ToForwardedFromGenerate-Delivery-ReportGetProfileHobaregHostHTTP2-SettingsIfIf-MatchIf-Modified-SinceIf-None-MatchIf-RangeIf-Schedule-Tag-MatchIf-Unmodified-SinceIMImportanceIn-Reply-ToIncomplete-CopyInjection-DateInjection-InfoJabber-IDKeep-AliveKeywordsLabelLanguageLast-ModifiedLatest-Delivery-TimeLinesLinkList-ArchiveList-HelpList-IDList-OwnerList-PostList-SubscribeList-UnsubscribeList-Unsubscribe-PostLocationLock-TokenManMax-ForwardsMemen |