Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_00462440 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then inc edi | 0_2_004238A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00427139 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042A182 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042A190 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00428251 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [ebx], al | 0_2_0044A22D |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp ecx | 0_2_00461236 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp ecx | 0_2_00461234 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [ebx], al | 0_2_00448B92 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov esi, ecx | 0_2_004143C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp al, 2Eh | 0_2_00445430 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00430480 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov edx, dword ptr [ecx+esi+3Ch] | 0_2_0045C480 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [esi+2Ch] | 0_2_00430565 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp esi | 0_2_00461516 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then lea eax, dword ptr [edi+04h] | 0_2_004305F1 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042D639 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then test eax, eax | 0_2_004596F2 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then xor ebx, ebx | 0_2_0042A732 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, edx | 0_2_0041E7C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_004387C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_004387BB |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp ecx | 0_2_00460846 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042B802 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00445807 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [edx-08h], edi | 0_2_00464800 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042A805 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0042AB0E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_004458D7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_004458F2 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_004478BD |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00447947 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00447962 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov edi, C6989171h | 0_2_0042B913 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_0042E920 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [00475144h] | 0_2_0043C990 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then push dword ptr [esi+4Ch] | 0_2_00445A02 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_0045CA90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [edx], bl | 0_2_00425C07 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then movzx esi, word ptr [ecx+eax*4] | 0_2_0041CD30 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then movzx ebx, byte ptr [edx+edi] | 0_2_00401EE0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [0047E78Ch] | 0_2_0045FEE3 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov word ptr [ecx], dx | 0_2_0042FF6C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [0047E78Ch] | 0_2_0045FEE3 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp byte ptr [ebx], 00000000h | 0_2_00429F35 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then movzx ebx, byte ptr [edx+edi] | 0_2_00742147 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov word ptr [ecx], dx | 0_2_007701D3 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp byte ptr [ebx], 00000000h | 0_2_0076A19C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076A3F7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076A3E9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_007673A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_007684B8 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [ebx], al | 0_2_0078A494 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [ebx], al | 0_2_00788DF9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov esi, ecx | 0_2_00754627 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_007706E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov edx, dword ptr [ecx+esi+3Ch] | 0_2_0079C6E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_007A26A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp al, 2Eh | 0_2_00785697 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [esi+2Ch] | 0_2_007707CC |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then lea eax, dword ptr [edi+04h] | 0_2_00770858 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076D8A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then test eax, eax | 0_2_00799959 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then xor ebx, ebx | 0_2_0076A999 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076AD75 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00785A73 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076AA6C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [edx-08h], edi | 0_2_007A4A67 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_0076BA69 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00778A27 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, edx | 0_2_0075EA27 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00778A22 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [esi+000000B8h] | 0_2_00769ABD |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov edi, C6989171h | 0_2_0076BB7A |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00785B59 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00785B3E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00787B24 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then inc edi | 0_2_00763B07 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov eax, dword ptr [00475144h] | 0_2_0077CBF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00787BC9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then jmp eax | 0_2_00787BAE |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_0076EB87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then push dword ptr [esi+4Ch] | 0_2_00785C69 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then cmp dword ptr [ecx], eax | 0_2_0079CCF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then mov byte ptr [edx], bl | 0_2_00765E6E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 4x nop then movzx esi, word ptr [ecx+eax*4] | 0_2_0075CF97 |
Source: jJEAWO.exe, 00000001.00000003.1675913190.0000000000E80000.00000004.00001000.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000002.1862470986.0000000000E93000.00000002.00000001.01000000.00000004.sdmp | String found in binary or memory: http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE |
Source: jJEAWO.exe, 00000001.00000003.1683352875.000000000107B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k1.rar |
Source: jJEAWO.exe, 00000001.00000003.1683352875.00000000010B4000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683579567.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k1.rarE0 |
Source: jJEAWO.exe, 00000001.00000003.1683506510.00000000010CB000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683352875.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k1.rarT |
Source: jJEAWO.exe, 00000001.00000003.1683352875.00000000010EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k1.rarcC: |
Source: jJEAWO.exe, 00000001.00000002.1862651851.000000000105E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rar |
Source: jJEAWO.exe, 00000001.00000002.1862651851.000000000109F000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarDownloadManagerA |
Source: jJEAWO.exe, 00000001.00000002.1862651851.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarN |
Source: jJEAWO.exe, 00000001.00000002.1862651851.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarh? |
Source: jJEAWO.exe, 00000001.00000002.1862651851.000000000105E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rark |
Source: jJEAWO.exe, 00000001.00000002.1862651851.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarl |
Source: jJEAWO.exe, 00000001.00000002.1862651851.000000000105E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarm |
Source: jJEAWO.exe, 00000001.00000002.1863177242.0000000002DBA000.00000004.00000010.00020000.00000000.sdmp | String found in binary or memory: http://ddos.dnsnb8.net:799/cj//k2.rarp |
Source: Amcache.hve.1.dr | String found in binary or memory: http://upx.sf.net |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.activestate.com |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.activestate.comHolger |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.baanboard.com |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.baanboard.comBrendon |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.develop.com |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.develop.comDeepak |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.lua.org |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.rftp.com |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.rftp.comJosiah |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.scintilla.org |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.scintilla.org/scite.rng |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.spaceblue.com |
Source: SciTE.exe.1.dr | String found in binary or memory: http://www.spaceblue.comMathias |
Source: jJEAWO.exe, 00000001.00000003.1683506510.00000000010CB000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000002.1862651851.00000000010B4000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683352875.00000000010B4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://login.live.com2 |
Source: current[1].exe, 00000000.00000002.2053363980.00000000008DE000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sofahuntingslidedine.shop/ |
Source: current[1].exe, 00000000.00000003.2020633565.00000000008DD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053204670.00000000008BE000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.2020575396.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707640338.00000000008B3000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2052970229.000000000081E000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.2020471181.00000000008BE000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053363980.00000000008DE000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sofahuntingslidedine.shop/api |
Source: current[1].exe, 00000000.00000003.2020633565.00000000008DD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.2020575396.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053363980.00000000008DE000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sofahuntingslidedine.shop/apik |
Source: current[1].exe, 00000000.00000003.2020471181.000000000089A000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707811358.00000000008A3000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053204670.000000000089A000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sofahuntingslidedine.shop/u |
Source: current[1].exe, 00000000.00000003.1707640338.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707811358.0000000000894000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707606358.0000000002BA5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/5xx-error-landing |
Source: current[1].exe, 00000000.00000003.1707640338.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707606358.0000000002BA5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.cloudflare.com/learning/ddos/glossary/malware/ |
Source: SciTE.exe.1.dr | String found in binary or memory: https://www.smartsharesystems.com/ |
Source: SciTE.exe.1.dr | String found in binary or memory: https://www.smartsharesystems.com/Morten |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462440 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00462440 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042E700 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0042E700 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00460870 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00460870 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045E927 NtOpenSection, | 0_2_0045E927 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462990 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00462990 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045EAE9 NtMapViewOfSection, | 0_2_0045EAE9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00460A90 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00460A90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045EFF5 NtClose, | 0_2_0045EFF5 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00451140 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00451140 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045A160 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045A160 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044E120 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0044E120 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045D1D0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045D1D0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004641E0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004641E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00439260 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00439260 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004632A0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004632A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00451370 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00451370 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045D400 NtAllocateVirtualMemory,NtFreeVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045D400 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004394C0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004394C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004634F0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004634F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004434B0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004434B0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045C550 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045C550 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00437530 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00437530 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004645E0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004645E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004396E0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004396E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004626F0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004626F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045C790 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045C790 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00464800 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00464800 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004638F0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_004638F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00439910 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00439910 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042E920 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0042E920 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CA90 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045CA90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00463B20 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00463B20 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462BF0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00462BF0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CD20 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045CD20 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462F00 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00462F00 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CF80 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0045CF80 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00463FA0 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00463FA0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3167 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A3167 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079D1E7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079D1E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4207 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A4207 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079A3C7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079A3C7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007913A7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007913A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078E387 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0078E387 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4447 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A4447 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079D437 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079D437 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007794C7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007794C7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3507 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A3507 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007915D7 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007915D7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079D667 NtAllocateVirtualMemory,NtFreeVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079D667 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A26A7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A26A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3757 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A3757 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779727 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00779727 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00783717 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00783717 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079C7B7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079C7B7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00777797 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00777797 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4847 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A4847 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076E967 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0076E967 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A2957 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A2957 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779947 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00779947 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079C9F7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079C9F7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4A67 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A4A67 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A0AD7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A0AD7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779B77 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_00779B77 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3B57 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A3B57 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A2BF7 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A2BF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076EB87 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0076EB87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A0CF7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A0CF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079CCF7 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079CCF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3D87 NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A3D87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A2E57 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_007A2E57 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079CF87 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory, | 0_2_0079CF87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462440 | 0_2_00462440 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042E700 | 0_2_0042E700 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00460870 | 0_2_00460870 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004238A0 | 0_2_004238A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045E927 | 0_2_0045E927 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462990 | 0_2_00462990 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00424A2F | 0_2_00424A2F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045EAE9 | 0_2_0045EAE9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00460A90 | 0_2_00460A90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00422DE0 | 0_2_00422DE0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00425FCA | 0_2_00425FCA |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00437048 | 0_2_00437048 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0041E070 | 0_2_0041E070 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00403000 | 0_2_00403000 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00414010 | 0_2_00414010 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045E0C8 | 0_2_0045E0C8 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0043D0F0 | 0_2_0043D0F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00451140 | 0_2_00451140 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00411150 | 0_2_00411150 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045A160 | 0_2_0045A160 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042716F | 0_2_0042716F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0043911F | 0_2_0043911F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044E120 | 0_2_0044E120 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044713B | 0_2_0044713B |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045D1D0 | 0_2_0045D1D0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004641E0 | 0_2_004641E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00439260 | 0_2_00439260 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044A22D | 0_2_0044A22D |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00459230 | 0_2_00459230 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00448B92 | 0_2_00448B92 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044B290 | 0_2_0044B290 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004632A0 | 0_2_004632A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044E340 | 0_2_0044E340 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045F352 | 0_2_0045F352 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00451370 | 0_2_00451370 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042B318 | 0_2_0042B318 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00427325 | 0_2_00427325 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004143C0 | 0_2_004143C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0041F3A0 | 0_2_0041F3A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045F456 | 0_2_0045F456 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00432456 | 0_2_00432456 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004394C0 | 0_2_004394C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004634F0 | 0_2_004634F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004434B0 | 0_2_004434B0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045C550 | 0_2_0045C550 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00437530 | 0_2_00437530 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004645E0 | 0_2_004645E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044459F | 0_2_0044459F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004515A0 | 0_2_004515A0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045A5B2 | 0_2_0045A5B2 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00412670 | 0_2_00412670 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00448614 | 0_2_00448614 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004396E0 | 0_2_004396E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00428680 | 0_2_00428680 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00443700 | 0_2_00443700 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0043172D | 0_2_0043172D |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0041E7C0 | 0_2_0041E7C0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004247D2 | 0_2_004247D2 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004277E0 | 0_2_004277E0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045C790 | 0_2_0045C790 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00414860 | 0_2_00414860 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00461875 | 0_2_00461875 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042A87A | 0_2_0042A87A |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00430802 | 0_2_00430802 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004638F0 | 0_2_004638F0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_004268B3 | 0_2_004268B3 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00439910 | 0_2_00439910 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00413920 | 0_2_00413920 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042E920 | 0_2_0042E920 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00432930 | 0_2_00432930 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042BA2F | 0_2_0042BA2F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CA90 | 0_2_0045CA90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042CA9C | 0_2_0042CA9C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0043AB07 | 0_2_0043AB07 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00463B20 | 0_2_00463B20 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00412BD0 | 0_2_00412BD0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462BF0 | 0_2_00462BF0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00437C01 | 0_2_00437C01 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00425C07 | 0_2_00425C07 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00445C17 | 0_2_00445C17 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042AC22 | 0_2_0042AC22 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0044ACC4 | 0_2_0044ACC4 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042CCB5 | 0_2_0042CCB5 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00447D50 | 0_2_00447D50 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00429D65 | 0_2_00429D65 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045DD68 | 0_2_0045DD68 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00411D70 | 0_2_00411D70 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CD20 | 0_2_0045CD20 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0041CD30 | 0_2_0041CD30 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0041FD80 | 0_2_0041FD80 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00445E1C | 0_2_00445E1C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0042DEC0 | 0_2_0042DEC0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00431EF5 | 0_2_00431EF5 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00459E90 | 0_2_00459E90 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045DF5C | 0_2_0045DF5C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00462F00 | 0_2_00462F00 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0043CF20 | 0_2_0043CF20 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00448FEB | 0_2_00448FEB |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00448FF0 | 0_2_00448FF0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0045CF80 | 0_2_0045CF80 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00463FA0 | 0_2_00463FA0 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00763047 | 0_2_00763047 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079A0F7 | 0_2_0079A0F7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00786083 | 0_2_00786083 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3167 | 0_2_007A3167 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0077215C | 0_2_0077215C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076E127 | 0_2_0076E127 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079D1E7 | 0_2_0079D1E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079E1C3 | 0_2_0079E1C3 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0077D187 | 0_2_0077D187 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00754277 | 0_2_00754277 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00743267 | 0_2_00743267 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00789252 | 0_2_00789252 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00789257 | 0_2_00789257 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00766231 | 0_2_00766231 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4207 | 0_2_007A4207 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0075E2D7 | 0_2_0075E2D7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007772AF | 0_2_007772AF |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0077D357 | 0_2_0077D357 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079E32F | 0_2_0079E32F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007673D6 | 0_2_007673D6 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079A3C7 | 0_2_0079A3C7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007513B7 | 0_2_007513B7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007873A2 | 0_2_007873A2 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007913A7 | 0_2_007913A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779386 | 0_2_00779386 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078E387 | 0_2_0078E387 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4447 | 0_2_007A4447 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079D437 | 0_2_0079D437 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078B4F7 | 0_2_0078B4F7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007794C7 | 0_2_007794C7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078A494 | 0_2_0078A494 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00799497 | 0_2_00799497 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076B57F | 0_2_0076B57F |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00788DF9 | 0_2_00788DF9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3507 | 0_2_007A3507 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007915D7 | 0_2_007915D7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079F5B9 | 0_2_0079F5B9 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078E5A7 | 0_2_0078E5A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076758C | 0_2_0076758C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00754627 | 0_2_00754627 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0075F607 | 0_2_0075F607 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007556E7 | 0_2_007556E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079F6BD | 0_2_0079F6BD |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A26A7 | 0_2_007A26A7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3757 | 0_2_007A3757 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779727 | 0_2_00779727 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00783717 | 0_2_00783717 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079C7B7 | 0_2_0079C7B7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00777797 | 0_2_00777797 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078887B | 0_2_0078887B |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A4847 | 0_2_007A4847 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079A819 | 0_2_0079A819 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00791807 | 0_2_00791807 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00784806 | 0_2_00784806 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007688E7 | 0_2_007688E7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007528D7 | 0_2_007528D7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076E967 | 0_2_0076E967 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00783967 | 0_2_00783967 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779947 | 0_2_00779947 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079C9F7 | 0_2_0079C9F7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00771994 | 0_2_00771994 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00770A69 | 0_2_00770A69 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00767A47 | 0_2_00767A47 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00764A39 | 0_2_00764A39 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0075EA27 | 0_2_0075EA27 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076AAE1 | 0_2_0076AAE1 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A0AD7 | 0_2_007A0AD7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00779B77 | 0_2_00779B77 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3B57 | 0_2_007A3B57 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00766B1A | 0_2_00766B1A |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00763B07 | 0_2_00763B07 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A2BF7 | 0_2_007A2BF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00772B97 | 0_2_00772B97 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00772B94 | 0_2_00772B94 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076EB87 | 0_2_0076EB87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00753B87 | 0_2_00753B87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079EB8E | 0_2_0079EB8E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A0CF7 | 0_2_007A0CF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079CCF7 | 0_2_0079CCF7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00764C96 | 0_2_00764C96 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0077AD6E | 0_2_0077AD6E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079ED50 | 0_2_0079ED50 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076CD03 | 0_2_0076CD03 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A3D87 | 0_2_007A3D87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00785E7E | 0_2_00785E7E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00765E6E | 0_2_00765E6E |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00777E68 | 0_2_00777E68 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_007A2E57 | 0_2_007A2E57 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076AE89 | 0_2_0076AE89 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0078AF2B | 0_2_0078AF2B |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0076CF1C | 0_2_0076CF1C |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00751FD7 | 0_2_00751FD7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079DFCF | 0_2_0079DFCF |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00769FCC | 0_2_00769FCC |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00787FB7 | 0_2_00787FB7 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0075CF97 | 0_2_0075CF97 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_0079CF87 | 0_2_0079CF87 |
Source: C:\Users\user\Desktop\current[1].exe | Code function: 0_2_00831166 | 0_2_00831166 |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Code function: 1_2_00E96D00 | 1_2_00E96D00 |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: apphelp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: winhttp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: msimg32.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: msvcr100.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: ondemandconnroutehelper.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: webio.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: mswsock.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: winnsi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: rasadhlp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: fwpuclnt.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: schannel.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: mskeyprotect.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: ntasn1.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: ncrypt.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: ncryptsslp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: msasn1.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: cryptsp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: rsaenh.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: cryptbase.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: gpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: dpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\current[1].exe | Section loaded: ondemandconnroutehelper.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: apphelp.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: wininet.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: windows.storage.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: wldp.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: ondemandconnroutehelper.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: winhttp.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: mswsock.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: winnsi.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: rasadhlp.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: ntvdm64.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: version.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: textshaping.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: textinputframework.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: coreuicomponents.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: coremessaging.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: ntmarta.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: coremessaging.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: wintypes.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: wintypes.dll | Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\jJEAWO.exe | Section loaded: wintypes.dll | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: Amcache.hve.1.dr | Binary or memory string: VMware |
Source: Amcache.hve.1.dr | Binary or memory string: VMware Virtual USB Mouse |
Source: Amcache.hve.1.dr | Binary or memory string: vmci.syshbin |
Source: Amcache.hve.1.dr | Binary or memory string: VMware, Inc. |
Source: current[1].exe, 00000000.00000003.2020575396.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707640338.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053204670.00000000008CD000.00000004.00000020.00020000.00000000.sdmp | Binary or memory string: Hyper-V RAWm |
Source: Amcache.hve.1.dr | Binary or memory string: VMware20,1hbin@ |
Source: Amcache.hve.1.dr | Binary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563 |
Source: Amcache.hve.1.dr | Binary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000 |
Source: Amcache.hve.1.dr | Binary or memory string: .Z$c:/windows/system32/drivers/vmci.sys |
Source: current[1].exe, 00000000.00000003.2020575396.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000003.1707640338.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053177286.0000000000880000.00000004.00000020.00020000.00000000.sdmp, current[1].exe, 00000000.00000002.2053204670.00000000008CD000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683352875.00000000010EB000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683352875.000000000109F000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000002.1862651851.000000000109F000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000002.1862651851.000000000105E000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000002.1862651851.00000000010EB000.00000004.00000020.00020000.00000000.sdmp, jJEAWO.exe, 00000001.00000003.1683352875.000000000107B000.00000004.00000020.00020000.00000000.sdmp | Binary or memory string: Hyper-V RAW |
Source: Amcache.hve.1.dr | Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000 |
Source: Amcache.hve.1.dr | Binary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev |
Source: Amcache.hve.1.dr | Binary or memory string: c:/windows/system32/drivers/vmci.sys |
Source: Amcache.hve.1.dr | Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000 |
Source: Amcache.hve.1.dr | Binary or memory string: vmci.sys |
Source: Amcache.hve.1.dr | Binary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0 |
Source: Amcache.hve.1.dr | Binary or memory string: vmci.syshbin` |
Source: Amcache.hve.1.dr | Binary or memory string: \driver\vmci,\driver\pci |
Source: Amcache.hve.1.dr | Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000 |
Source: Amcache.hve.1.dr | Binary or memory string: VMware20,1 |
Source: Amcache.hve.1.dr | Binary or memory string: Microsoft Hyper-V Generation Counter |
Source: Amcache.hve.1.dr | Binary or memory string: NECVMWar VMware SATA CD00 |
Source: Amcache.hve.1.dr | Binary or memory string: VMware Virtual disk SCSI Disk Device |
Source: Amcache.hve.1.dr | Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom |
Source: Amcache.hve.1.dr | Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk |
Source: Amcache.hve.1.dr | Binary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver |
Source: Amcache.hve.1.dr | Binary or memory string: VMware PCI VMCI Bus Device |
Source: Amcache.hve.1.dr | Binary or memory string: VMware VMCI Bus Device |
Source: Amcache.hve.1.dr | Binary or memory string: VMware Virtual RAM |
Source: Amcache.hve.1.dr | Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1 |
Source: Amcache.hve.1.dr | Binary or memory string: vmci.inf_amd64_68ed49469341f563 |