| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA5983 |
0_2_00CA5983 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C983EB |
0_2_00C983EB |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CBE8D4 |
0_2_00CBE8D4 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CAE8EC |
0_2_00CAE8EC |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA30E5 |
0_2_00CA30E5 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9E097 |
0_2_00C9E097 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C931F0 |
0_2_00C931F0 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CAFA6A |
0_2_00CAFA6A |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9BA6A |
0_2_00C9BA6A |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CAF200 |
0_2_00CAF200 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9D222 |
0_2_00C9D222 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA63F1 |
0_2_00CA63F1 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CBA350 |
0_2_00CBA350 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CB2B68 |
0_2_00CB2B68 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA2B39 |
0_2_00CA2B39 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9ECE9 |
0_2_00C9ECE9 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9DC32 |
0_2_00C9DC32 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CAEDE8 |
0_2_00CAEDE8 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA5DB8 |
0_2_00CA5DB8 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA2DB4 |
0_2_00CA2DB4 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C95E83 |
0_2_00C95E83 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CB9EA0 |
0_2_00CB9EA0 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C9D634 |
0_2_00C9D634 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CAF635 |
0_2_00CAF635 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C93F95 |
0_2_00C93F95 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00CA4FB4 |
0_2_00CA4FB4 |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Code function: 0_2_00C92759 |
0_2_00C92759 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00645983 |
4_2_00645983 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_006383EB |
4_2_006383EB |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_006430E5 |
4_2_006430E5 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0064E8EC |
4_2_0064E8EC |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0065E8D4 |
4_2_0065E8D4 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063E097 |
4_2_0063E097 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_006331F0 |
4_2_006331F0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063BA6A |
4_2_0063BA6A |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0064FA6A |
4_2_0064FA6A |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063D222 |
4_2_0063D222 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0064F200 |
4_2_0064F200 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00652B68 |
4_2_00652B68 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0065A350 |
4_2_0065A350 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00642B39 |
4_2_00642B39 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_006463F1 |
4_2_006463F1 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063DC32 |
4_2_0063DC32 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063ECE9 |
4_2_0063ECE9 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0064EDE8 |
4_2_0064EDE8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00642DB4 |
4_2_00642DB4 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00645DB8 |
4_2_00645DB8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0064F635 |
4_2_0064F635 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_0063D634 |
4_2_0063D634 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00659EA0 |
4_2_00659EA0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00635E83 |
4_2_00635E83 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00632759 |
4_2_00632759 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00644FB4 |
4_2_00644FB4 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Code function: 4_2_00633F95 |
4_2_00633F95 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB7CB8 |
5_2_00FB7CB8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBB450 |
5_2_00FBB450 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB0848 |
5_2_00FB0848 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBB190 |
5_2_00FBB190 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBC970 |
5_2_00FBC970 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB5A50 |
5_2_00FB5A50 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB6378 |
5_2_00FB6378 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB3B30 |
5_2_00FB3B30 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBFC88 |
5_2_00FBFC88 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBA038 |
5_2_00FBA038 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB59A8 |
5_2_00FB59A8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBED48 |
5_2_00FBED48 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBA2B0 |
5_2_00FBA2B0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB4EA8 |
5_2_00FB4EA8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB4E98 |
5_2_00FB4E98 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB9E00 |
5_2_00FB9E00 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB07C7 |
5_2_00FB07C7 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB8B88 |
5_2_00FB8B88 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FB9758 |
5_2_00FB9758 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_00FBAB50 |
5_2_00FBAB50 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115D810 |
5_2_0115D810 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01152B08 |
5_2_01152B08 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01157D28 |
5_2_01157D28 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115D550 |
5_2_0115D550 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01155E20 |
5_2_01155E20 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_011509B0 |
5_2_011509B0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_011509C0 |
5_2_011509C0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01157020 |
5_2_01157020 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01151078 |
5_2_01151078 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01151080 |
5_2_01151080 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115C0C8 |
5_2_0115C0C8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_011570F8 |
5_2_011570F8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01152AF7 |
5_2_01152AF7 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115AD60 |
5_2_0115AD60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01150CB0 |
5_2_01150CB0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115E660 |
5_2_0115E660 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0115BE90 |
5_2_0115BE90 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01151698 |
5_2_01151698 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_01151688 |
5_2_01151688 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF9880 |
5_2_04AF9880 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF2B68 |
5_2_04AF2B68 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF5440 |
5_2_04AF5440 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF850B |
5_2_04AF850B |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF8518 |
5_2_04AF8518 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF36F8 |
5_2_04AF36F8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AFC710 |
5_2_04AFC710 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AF9875 |
5_2_04AF9875 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AFB1AC |
5_2_04AFB1AC |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AFB1B8 |
5_2_04AFB1B8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AFD1C9 |
5_2_04AFD1C9 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_04AFD1D8 |
5_2_04AFD1D8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 5_2_0AA70040 |
5_2_0AA70040 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 7_2_02620B60 |
7_2_02620B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A62030 |
9_2_00A62030 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A64860 |
9_2_00A64860 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A63660 |
9_2_00A63660 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A60B60 |
9_2_00A60B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A63650 |
9_2_00A63650 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 9_2_00A60B52 |
9_2_00A60B52 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 10_2_00E40B60 |
10_2_00E40B60 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3C6B0 |
13_2_02C3C6B0 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C35A50 |
13_2_02C35A50 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C33E7B |
13_2_02C33E7B |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C363B7 |
13_2_02C363B7 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3D498 |
13_2_02C3D498 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C37CB8 |
13_2_02C37CB8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C30848 |
13_2_02C30848 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C36DE1 |
13_2_02C36DE1 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3B190 |
13_2_02C3B190 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C34E98 |
13_2_02C34E98 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C34EA8 |
13_2_02C34EA8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3A2B0 |
13_2_02C3A2B0 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C39E00 |
13_2_02C39E00 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C35A37 |
13_2_02C35A37 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C363C7 |
13_2_02C363C7 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C38B88 |
13_2_02C38B88 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3AB50 |
13_2_02C3AB50 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C39758 |
13_2_02C39758 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3FC88 |
13_2_02C3FC88 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3A038 |
13_2_02C3A038 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C30838 |
13_2_02C30838 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_02C3ED48 |
13_2_02C3ED48 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDD550 |
13_2_04CDD550 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD7D28 |
13_2_04CD7D28 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDD8C8 |
13_2_04CDD8C8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD6047 |
13_2_04CD6047 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD2B08 |
13_2_04CD2B08 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD0CB0 |
13_2_04CD0CB0 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDAD60 |
13_2_04CDAD60 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD1688 |
13_2_04CD1688 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD1698 |
13_2_04CD1698 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDBE90 |
13_2_04CDBE90 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDE660 |
13_2_04CDE660 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CDC0C8 |
13_2_04CDC0C8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD70F8 |
13_2_04CD70F8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD1080 |
13_2_04CD1080 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD1073 |
13_2_04CD1073 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD702E |
13_2_04CD702E |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD09C0 |
13_2_04CD09C0 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD09B0 |
13_2_04CD09B0 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_04CD2AF7 |
13_2_04CD2AF7 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_053A0006 |
13_2_053A0006 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_053A0040 |
13_2_053A0040 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063A9880 |
13_2_063A9880 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063AC710 |
13_2_063AC710 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063A5440 |
13_2_063A5440 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063A8518 |
13_2_063A8518 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063A850A |
13_2_063A850A |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063A9875 |
13_2_063A9875 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063AB1B8 |
13_2_063AB1B8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063AB1AC |
13_2_063AB1AC |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063AD1D8 |
13_2_063AD1D8 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 13_2_063AD1C9 |
13_2_063AD1C9 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 14_2_01220B60 |
14_2_01220B60 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 15_2_010A0B60 |
15_2_010A0B60 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 16_2_01540B60 |
16_2_01540B60 |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Code function: 17_2_01310B60 |
17_2_01310B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B5A50 |
23_2_026B5A50 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B6378 |
23_2_026B6378 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B0848 |
23_2_026B0848 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BB450 |
23_2_026BB450 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B7CB8 |
23_2_026B7CB8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BC970 |
23_2_026BC970 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B3D2A |
23_2_026B3D2A |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B6DDB |
23_2_026B6DDB |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BB190 |
23_2_026BB190 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B9E00 |
23_2_026B9E00 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B4EA8 |
23_2_026B4EA8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BA2B0 |
23_2_026BA2B0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B4E98 |
23_2_026B4E98 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B9758 |
23_2_026B9758 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BAB50 |
23_2_026BAB50 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B07C7 |
23_2_026B07C7 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B8B88 |
23_2_026B8B88 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BA038 |
23_2_026BA038 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BFC88 |
23_2_026BFC88 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026BED48 |
23_2_026BED48 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B5936 |
23_2_026B5936 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B59A8 |
23_2_026B59A8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_026B3DB2 |
23_2_026B3DB2 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04977D28 |
23_2_04977D28 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497D550 |
23_2_0497D550 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04975E20 |
23_2_04975E20 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497D8C8 |
23_2_0497D8C8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04972B08 |
23_2_04972B08 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497F340 |
23_2_0497F340 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04970CB0 |
23_2_04970CB0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497ED90 |
23_2_0497ED90 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497AD60 |
23_2_0497AD60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497BE90 |
23_2_0497BE90 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04971698 |
23_2_04971698 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04971688 |
23_2_04971688 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497E660 |
23_2_0497E660 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497DF38 |
23_2_0497DF38 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04971080 |
23_2_04971080 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0497C0C8 |
23_2_0497C0C8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_049770F8 |
23_2_049770F8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04977020 |
23_2_04977020 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04971073 |
23_2_04971073 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_049709B0 |
23_2_049709B0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_049709C0 |
23_2_049709C0 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_04972AF7 |
23_2_04972AF7 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_06010007 |
23_2_06010007 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_06010027 |
23_2_06010027 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_06010040 |
23_2_06010040 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07250D98 |
23_2_07250D98 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07255440 |
23_2_07255440 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07259880 |
23_2_07259880 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0725C710 |
23_2_0725C710 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07258509 |
23_2_07258509 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07258518 |
23_2_07258518 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0725B1AC |
23_2_0725B1AC |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0725B1B8 |
23_2_0725B1B8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0725D1C9 |
23_2_0725D1C9 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_0725D1D8 |
23_2_0725D1D8 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 23_2_07259875 |
23_2_07259875 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 24_2_03070B60 |
24_2_03070B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 25_2_01240B60 |
25_2_01240B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 26_2_01220B60 |
26_2_01220B60 |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Code function: 27_2_01950B60 |
27_2_01950B60 |
| Source: unknown |
Process created: C:\Users\user\Desktop\vkXe5gkY34.exe "C:\Users\user\Desktop\vkXe5gkY34.exe" |
|
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\eystsdf.cmd" " |
|
| Source: C:\Windows\SysWOW64\cmd.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Windows\SysWOW64\cmd.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe efthfxj.sfx.exe -pgtrfdewscbsdyethnymkdesppodtyuhngfszafugyRhvqxsdfHbgnmeG -dC:\Users\user\AppData\Roaming |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe "C:\Users\user\AppData\Roaming\efthfxj.exe" |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3504 -s 80 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe "C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe" |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Windows\SysWOW64\schtasks.exe "schtasks.exe" /Create /TN "HDdisplay" /XML "C:\Users\user\AppData\Local\Temp\tmp3BF9.tmp" /F |
|
| Source: C:\Windows\SysWOW64\schtasks.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: unknown |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\eystsdf.cmd" " |
Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe efthfxj.sfx.exe -pgtrfdewscbsdyethnymkdesppodtyuhngfszafugyRhvqxsdfHbgnmeG -dC:\Users\user\AppData\Roaming |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe "C:\Users\user\AppData\Roaming\efthfxj.exe" |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe "C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe" |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Windows\SysWOW64\schtasks.exe "schtasks.exe" /Create /TN "HDdisplay" /XML "C:\Users\user\AppData\Local\Temp\tmp3BF9.tmp" /F |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process created: C:\Users\user\AppData\Roaming\efthfxj.exe C:\Users\user\AppData\Roaming\efthfxj.exe |
|
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: <pi-ms-win-core-synch-l1-2-0.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: <pi-ms-win-core-synch-l1-2-0.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: <pi-ms-win-core-localization-l1-2-1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: dxgidebug.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: dwmapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: riched20.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: usp10.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: msls31.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: textshaping.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: propsys.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: edputil.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: urlmon.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: iertutil.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: windows.staterepositoryps.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: appresolver.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: bcp47langs.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: slc.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: sppc.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: onecorecommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: pcacli.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: cmdext.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: <pi-ms-win-core-synch-l1-2-0.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: <pi-ms-win-core-synch-l1-2-0.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: <pi-ms-win-core-localization-l1-2-1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: dxgidebug.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: dwmapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: riched20.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: usp10.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: msls31.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: dpapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: textshaping.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: propsys.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: edputil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: urlmon.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: iertutil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: windows.staterepositoryps.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: appresolver.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: bcp47langs.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: slc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: sppc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: onecorecommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: pcacli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Section loaded: msasn1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: msasn1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: gpapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: propsys.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: edputil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: urlmon.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: iertutil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: windows.staterepositoryps.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: appresolver.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: bcp47langs.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: slc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: sppc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: onecorecommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mswsock.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: msasn1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: gpapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Windows\SysWOW64\schtasks.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Windows\SysWOW64\schtasks.exe |
Section loaded: taskschd.dll |
|
| Source: C:\Windows\SysWOW64\schtasks.exe |
Section loaded: sspicli.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: uxtheme.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: wldp.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: amsi.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: userenv.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: profapi.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: msasn1.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: gpapi.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptsp.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: rsaenh.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: cryptbase.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: mscoree.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: kernel.appcore.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: version.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: vcruntime140_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Section loaded: ucrtbase_clr0400.dll |
|
| Source: C:\Users\user\Desktop\vkXe5gkY34.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.sfx.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Process information set: NOOPENFILEERRORBOX |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: FB0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2A60000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 4A60000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 5150000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 6150000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 6280000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 7280000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 75D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 85D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 95D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: A850000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: B850000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: BCE0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: CCE0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 5150000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 6280000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 75D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 85D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 95D0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 25E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2800000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2750000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: A60000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 27A0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 47A0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: E40000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 27F0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 47F0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2C30000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2C50000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 4C50000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 5360000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 6360000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 6490000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 7490000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 77E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 87E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 5360000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 87E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 98E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 77E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: A8E0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 6AD0000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 5360000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 1220000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2C10000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 4C10000 memory reserve | memory write watch |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 10A0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2B40000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 4B40000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 1540000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2DD0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2BC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 1310000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 2FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Memory allocated: 4FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2610000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 28F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 48F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 4FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 5FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 60F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 70F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 7440000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 8440000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 4FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 60F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 7440000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 9640000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: A640000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 8940000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: B640000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 4FC0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 5FD0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 7440000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 3070000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 31F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 51F0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 1240000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2BB0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 4BB0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 1220000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2FA0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 2EA0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 1950000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 32D0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Memory allocated: 52D0000 memory reserve | memory write watch |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 5504 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 6540 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep count: 31 > 30 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -28592453314249787s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -60400s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 6528 |
Thread sleep count: 1248 > 30 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -60275s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 6528 |
Thread sleep count: 8607 > 30 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -60163s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -60051s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59931s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59814s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59666s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59521s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59400s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -59290s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58977s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58869s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58759s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58650s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58540s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58431s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58322s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58213s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -58103s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57994s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57885s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57775s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57666s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57556s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57447s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57338s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57228s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -57115s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56994s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56861s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56728s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56616s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56508s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56398s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56291s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56181s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -56072s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55963s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55853s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55744s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55634s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55525s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55415s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55306s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55197s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -55088s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -54978s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -54869s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -54759s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 3376 |
Thread sleep time: -54650s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 6204 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe TID: 6256 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe TID: 5908 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe TID: 7172 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe TID: 7204 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe TID: 7240 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 7760 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 7844 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 7864 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 7912 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe TID: 7920 |
Thread sleep time: -922337203685477s >= -30000s |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 60400 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 60275 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 60163 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 60051 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59931 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59814 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59666 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59521 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59400 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 59290 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58977 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58869 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58759 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58650 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58540 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58431 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58322 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58213 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 58103 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57994 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57885 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57775 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57666 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57556 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57447 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57338 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57228 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 57115 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56994 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56861 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56728 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56616 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56508 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56398 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56291 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56181 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 56072 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55963 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55853 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55744 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55634 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55525 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55415 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55306 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55197 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 55088 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 54978 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 54869 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 54759 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 54650 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\XenoManager\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
| Source: C:\Users\user\AppData\Roaming\efthfxj.exe |
Thread delayed: delay time: 922337203685477 |
|
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet