Source: Amcache.hve.0.dr |
String found in binary or memory: http://upx.sf.net |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://api.github.com/_private/browser/errors |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://api.github.com/_private/browser/stats |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1759190988.0000000000499000.00000002.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://autohotkey.com |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1759190988.0000000000499000.00000002.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://autohotkey.comCould |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://avatars.githubusercontent.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://cli.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://collector.github.com/github/collect |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://desktop.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com/get-started/accessibility/keyboard-shortcuts |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com/get-started/exploring-integrations/about-building-integrations |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com/site-policy/github-terms/github-terms-of-service |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://docs.github.com/site-policy/privacy-policies/github-privacy-statement |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github-cloud.s3.amazonaws.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.blog |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.careers |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1760199708.00000000013C3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000003.1758902429.00000000013C3000.00000004.00000020.00020000.00000000.sdmp, netcomp.exe.0.dr |
String found in binary or memory: https://github.com/ |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/about |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/abuzgreksi/456/releases/download/456/123.exe |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/abuzgreksi/456/releases/download/456/123.exe" |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1760146944.0000000001360000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/abuzgreksi/456/releases/download/456/123.exenetcomp.exe? |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/collections |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/customer-stories |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/edu |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/enterprise |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/enterprise/advanced-security |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/enterprise/startups |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/actions |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/code-review |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/codespaces |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/copilot |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/discussions |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/issues |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/packages |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/features/security |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/fluidicon.png |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/github |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/github/roadmap |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/github/site-policy/pull/582 |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/mobile |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/notifications/beta/shelf |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/pricing |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/readme |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1760199708.00000000013C3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000003.1758902429.00000000013C3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/s |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/ci-cd |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/devops |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/devsecops |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/industries/financial-services |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/industries/healthcare |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/solutions/industries/manufacturing |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/team |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/topics |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.com/trending |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.community |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.githubassets.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://github.githubassets.com/ |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://githubstatus.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://partner.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://resources.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://resources.github.com/devops/tools/compare |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://resources.github.com/learn/pathways |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://resources.github.com/newsletter/ |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://services.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://shop.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://skills.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://socialimpact.github.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://support.github.com?tags=dotcom-404 |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://support.github.com?tags=dotcom-footer |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://twitter.com/githubstatus |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://user-images.githubusercontent.com/ |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.electronjs.org |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.githubstatus.com |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.linkedin.com/company/github |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.tiktok.com/ |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.twitch.tv/github |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://www.youtube.com/github |
Source: netcomp.exe.0.dr |
String found in binary or memory: https://x.com/github |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0040155F |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004080E0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_00492080 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004181C0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0045C340 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_00474300 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004083B0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004925D1 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_00424610 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_00446620 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004586D0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004CC740 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004147A0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_004147B5 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_00486A60 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0048F063 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0040F65D |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0049371D |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0049580E |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0041FAF0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Code function: 0_2_0041BF10 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: wsock32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: winmm.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: version.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: wininet.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: wtsapi32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: uxtheme.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: textshaping.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: windows.storage.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: wldp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: iertutil.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: sspicli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: profapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ondemandconnroutehelper.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: winhttp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: iphlpapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: mswsock.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: winnsi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: urlmon.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: srvcli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: netutils.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: dnsapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: rasadhlp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: fwpuclnt.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: schannel.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: mskeyprotect.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ntasn1.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: msasn1.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: dpapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: cryptsp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: rsaenh.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: cryptbase.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: gpapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ncrypt.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ncryptsslp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: propsys.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: edputil.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: windows.staterepositoryps.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: wintypes.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: appresolver.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: bcp47langs.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: slc.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: userenv.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: sppc.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: onecorecommonproxystub.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ntvdm64.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: textinputframework.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: coreuicomponents.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: coremessaging.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Section loaded: ntmarta.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1210005 value: E9 2B BA CB 75 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 76ECBA30 value: E9 DA 45 34 8A |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1230008 value: E9 8B 8E CE 75 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 76F18E90 value: E9 80 71 31 8A |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1250005 value: E9 8B 4D 9A 74 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 75BF4D90 value: E9 7A B2 65 8B |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1260005 value: E9 EB EB 9A 74 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 75C0EBF0 value: E9 1A 14 65 8B |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1270005 value: E9 8B 8A D6 73 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 74FD8A90 value: E9 7A 75 29 8C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 1280005 value: E9 2B 02 D8 73 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 75000230 value: E9 DA FD 27 8C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 12A0005 value: E9 8B 2F C6 75 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 76F02F90 value: E9 7A D0 39 8A |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 12B0007 value: E9 EB DF C8 75 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepMalware.1111.23697.exe |
Memory written: PID: 6916 base: 76F3DFF0 value: E9 1E 20 37 8A |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware Virtual USB Mouse |
Source: Amcache.hve.0.dr |
Binary or memory string: vmci.syshbin |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware, Inc. |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware20,1hbin@ |
Source: Amcache.hve.0.dr |
Binary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563 |
Source: Amcache.hve.0.dr |
Binary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000 |
Source: Amcache.hve.0.dr |
Binary or memory string: .Z$c:/windows/system32/drivers/vmci.sys |
Source: SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000003.1758902429.000000000140F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1760199708.00000000013C3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000002.1760199708.000000000140F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.FileRepMalware.1111.23697.exe, 00000000.00000003.1758902429.00000000013C3000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Hyper-V RAW |
Source: Amcache.hve.0.dr |
Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000 |
Source: Amcache.hve.0.dr |
Binary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev |
Source: Amcache.hve.0.dr |
Binary or memory string: c:/windows/system32/drivers/vmci.sys |
Source: Amcache.hve.0.dr |
Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000 |
Source: Amcache.hve.0.dr |
Binary or memory string: vmci.sys |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0 |
Source: Amcache.hve.0.dr |
Binary or memory string: vmci.syshbin` |
Source: Amcache.hve.0.dr |
Binary or memory string: \driver\vmci,\driver\pci |
Source: Amcache.hve.0.dr |
Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000 |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware20,1 |
Source: Amcache.hve.0.dr |
Binary or memory string: Microsoft Hyper-V Generation Counter |
Source: Amcache.hve.0.dr |
Binary or memory string: NECVMWar VMware SATA CD00 |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware Virtual disk SCSI Disk Device |
Source: Amcache.hve.0.dr |
Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom |
Source: Amcache.hve.0.dr |
Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk |
Source: Amcache.hve.0.dr |
Binary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware PCI VMCI Bus Device |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware VMCI Bus Device |
Source: Amcache.hve.0.dr |
Binary or memory string: VMware Virtual RAM |
Source: Amcache.hve.0.dr |
Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1 |
Source: Amcache.hve.0.dr |
Binary or memory string: vmci.inf_amd64_68ed49469341f563 |