Edit tour

Windows Analysis Report
http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q==

Overview

General Information

Sample URL:http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhah
Analysis ID:1466422
Infos:
Errors
  • URL not reachable

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Detected non-DNS traffic on DNS port

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64
  • chrome.exe (PID: 1436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2196,i,10072630782128911325,741038665974086272,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: global trafficTCP traffic: 192.168.2.4:49760 -> 1.1.1.1:53
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: classification engineClassification label: unknown0.win@18/0@4/3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2196,i,10072630782128911325,741038665974086272,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2196,i,10072630782128911325,741038665974086272,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Process Injection
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1466422 URL: http://msedge.b.tlu.dl.deli... Startdate: 02/07/2024 Architecture: WINDOWS Score: 0 5 chrome.exe 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.4, 138, 443, 49747 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 www.google.com 216.58.206.36, 443, 49747, 49748 GOOGLEUS United States 10->17 19 google.com 10->19 21 fg.microsoft.map.fastly.net 10->21

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q==0%Avira URL Cloudsafe
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
fg.microsoft.map.fastly.net
199.232.214.172
truefalse
    unknown
    google.com
    142.250.181.238
    truefalse
      unknown
      www.google.com
      216.58.206.36
      truefalse
        unknown
        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs
        IPDomainCountryFlagASNASN NameMalicious
        239.255.255.250
        unknownReserved
        unknownunknownfalse
        216.58.206.36
        www.google.comUnited States
        15169GOOGLEUSfalse
        IP
        192.168.2.4
        Joe Sandbox version:40.0.0 Tourmaline
        Analysis ID:1466422
        Start date and time:2024-07-02 22:27:58 +02:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 2m 4s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q==
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:7
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:UNKNOWN
        Classification:unknown0.win@18/0@4/3
        EGA Information:Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0
        Cookbook Comments:
        • URL browsing timeout or error
        • URL not reachable
        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.78, 74.125.133.84, 152.199.19.161, 34.104.35.123, 184.28.90.27, 20.114.59.183, 52.165.164.15, 2.19.126.157, 2.19.126.155, 40.68.123.157, 20.242.39.171
        • Not all processes where analyzed, report is missing behavior information
        • Report size getting too big, too many NtSetInformationFile calls found.
        • VT rate limit hit for: http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&amp;P2=404&amp;P3=2&amp;P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q==
        No simulations
        No context
        No context
        No context
        No context
        No context
        No created / dropped files found
        No static file info

        Download Network PCAP: filteredfull

        • Total Packets: 16
        • 443 (HTTPS)
        • 53 (DNS)
        TimestampSource PortDest PortSource IPDest IP
        Jul 2, 2024 22:28:45.712497950 CEST49675443192.168.2.4173.222.162.32
        Jul 2, 2024 22:28:54.999089956 CEST49747443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:54.999118090 CEST44349747216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:54.999193907 CEST49747443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:54.999468088 CEST49747443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:54.999483109 CEST44349747216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:55.011096001 CEST44349747216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:55.011564016 CEST49748443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:55.011593103 CEST44349748216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:55.011789083 CEST49748443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:55.011822939 CEST49748443192.168.2.4216.58.206.36
        Jul 2, 2024 22:28:55.011837006 CEST44349748216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:55.023458004 CEST44349748216.58.206.36192.168.2.4
        Jul 2, 2024 22:28:55.315294981 CEST49675443192.168.2.4173.222.162.32
        Jul 2, 2024 22:29:11.991116047 CEST4976053192.168.2.41.1.1.1
        Jul 2, 2024 22:29:12.019777060 CEST53497601.1.1.1192.168.2.4
        Jul 2, 2024 22:29:12.019887924 CEST4976053192.168.2.41.1.1.1
        Jul 2, 2024 22:29:12.019999027 CEST4976053192.168.2.41.1.1.1
        Jul 2, 2024 22:29:12.020018101 CEST4976053192.168.2.41.1.1.1
        Jul 2, 2024 22:29:12.070949078 CEST53497601.1.1.1192.168.2.4
        Jul 2, 2024 22:29:12.071052074 CEST53497601.1.1.1192.168.2.4
        Jul 2, 2024 22:29:12.073704958 CEST53497601.1.1.1192.168.2.4
        TimestampSource PortDest PortSource IPDest IP
        Jul 2, 2024 22:28:51.971838951 CEST53559691.1.1.1192.168.2.4
        Jul 2, 2024 22:28:52.117661953 CEST53557061.1.1.1192.168.2.4
        Jul 2, 2024 22:28:54.978853941 CEST5356553192.168.2.41.1.1.1
        Jul 2, 2024 22:28:54.979202986 CEST5704853192.168.2.41.1.1.1
        Jul 2, 2024 22:28:54.997983932 CEST53535651.1.1.1192.168.2.4
        Jul 2, 2024 22:28:54.997999907 CEST53570481.1.1.1192.168.2.4
        Jul 2, 2024 22:28:55.089754105 CEST53577331.1.1.1192.168.2.4
        Jul 2, 2024 22:29:08.981751919 CEST5969953192.168.2.48.8.8.8
        Jul 2, 2024 22:29:08.982042074 CEST5099453192.168.2.41.1.1.1
        Jul 2, 2024 22:29:08.989351034 CEST53509941.1.1.1192.168.2.4
        Jul 2, 2024 22:29:08.991249084 CEST53596998.8.8.8192.168.2.4
        Jul 2, 2024 22:29:11.330271006 CEST138138192.168.2.4192.168.2.255
        Jul 2, 2024 22:29:11.990499973 CEST53555081.1.1.1192.168.2.4
        Jul 2, 2024 22:29:12.099914074 CEST53598051.1.1.1192.168.2.4
        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Jul 2, 2024 22:28:54.978853941 CEST192.168.2.41.1.1.10x8888Standard query (0)www.google.comA (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:54.979202986 CEST192.168.2.41.1.1.10x33baStandard query (0)www.google.com65IN (0x0001)false
        Jul 2, 2024 22:29:08.981751919 CEST192.168.2.48.8.8.80x723Standard query (0)google.comA (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:08.982042074 CEST192.168.2.41.1.1.10xbb82Standard query (0)google.comA (IP address)IN (0x0001)false
        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Jul 2, 2024 22:28:53.809633970 CEST1.1.1.1192.168.2.40x898cNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:53.809633970 CEST1.1.1.1192.168.2.40x898cNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:54.997983932 CEST1.1.1.1192.168.2.40x8888No error (0)www.google.com216.58.206.36A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:54.997999907 CEST1.1.1.1192.168.2.40x33baNo error (0)www.google.com65IN (0x0001)false
        Jul 2, 2024 22:28:56.839936972 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:56.839936972 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:57.849072933 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:57.849072933 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:58.852760077 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:28:58.852760077 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:00.907653093 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:00.907653093 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:05.070477009 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:05.070477009 CEST1.1.1.1192.168.2.40x83e5No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:08.989351034 CEST1.1.1.1192.168.2.40xbb82No error (0)google.com142.250.181.238A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:08.991249084 CEST8.8.8.8192.168.2.40x723No error (0)google.com172.217.168.78A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:11.998459101 CEST1.1.1.1192.168.2.40x129aNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
        Jul 2, 2024 22:29:11.998459101 CEST1.1.1.1192.168.2.40x129aNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
        0102030s020406080100

        Click to jump to process

        0102030s0.0020406080100MB

        Click to jump to process

        Target ID:0
        Start time:16:28:48
        Start date:02/07/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        Target ID:2
        Start time:16:28:49
        Start date:02/07/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2196,i,10072630782128911325,741038665974086272,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        Target ID:3
        Start time:16:28:53
        Start date:02/07/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/abbcdcdd-340a-4d63-b6de-95a5d7f5dfb7?P1=1720477403&P2=404&P3=2&P4=KzF0KR2NKtePAbf/3uEtbLI5JYY2pz4+mkh9ovT9quutHbVkXqAzFZGhahYOY+4FAhsVP2soG51FNx6OnmZn0Q=="
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true
        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

        No disassembly