Edit tour

Windows Analysis Report
Unlimited HEIC Converter Installer.exe

Overview

General Information

Sample name:	Unlimited HEIC Converter Installer.exe
Analysis ID:	1546791
MD5:	5a0c501219ce6252e84ecd38d1e7bf3d
SHA1:	cada316be26dbdcc7d4036a85431b2c0a94f8f54
SHA256:	d7737ed305e02b560d5a03c88fbd76115d7a217cf300ef3e320265910c3d2106

Detection

Score:	3
Range:	0 - 100
Whitelisted:	false
Confidence:	40%

Signatures

Allocates memory with a write watch (potentially for evading sandboxes)

Binary contains a suspicious time stamp

Contains long sleeps (>= 3 min)

Enables debug privileges

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

May sleep (evasive loops) to hinder dynamic analysis

PE file contains an invalid checksum

Queries the volume information (name, serial number etc) of a device

Classification

Process Tree

System is w10x64_ra

Unlimited HEIC Converter Installer.exe (PID: 3628 cmdline: "C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe" MD5: 5A0C501219CE6252E84ECD38D1E7BF3D)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: Unlimited HEIC Converter Installer.exe

Static PE information: certificate valid

Source: Unlimited HEIC Converter Installer.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: classification engine

Classification label: clean3.winEXE@1/3@0/38

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPF9C8D.tmp

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Mutant created: NULL
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\{f6bec8ba-58ff-4dfc-9981-2ec5ebd23734}-9N3VRN5L9DNS

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

File created: C:\Users\user\AppData\Local\Temp\Tmp97D8.tmp

Source: Unlimited HEIC Converter Installer.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: Unlimited HEIC Converter Installer.exe

Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 50.01%

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

File read: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mscoree.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: version.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dwrite.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: msvcp140_clr0400.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wldp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: profapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.applicationmodel.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: twinapi.appcore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.globalization.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: bcp47mrm.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: d3d9.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: d3d10warp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: urlmon.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: iertutil.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: srvcli.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: netutils.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windowscodecs.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: msasn1.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: msisip.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wshext.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: appxsip.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: opcservices.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: esdsip.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ncryptprov.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: winsta.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: powrprof.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: umpdc.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dataexchange.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: d3d11.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dcomp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dxgi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dxcore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: textshaping.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: winmm.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: textinputframework.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: coreuicomponents.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: coremessaging.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: msctfui.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: propsys.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rasapi32.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rasman.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rtutils.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: d3dcompiler_47.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mswsock.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: winhttp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: winnsi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wininet.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: sspicli.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: secur32.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: schannel.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: gpapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.web.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: installservice.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: userenv.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mpr.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: rometadata.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: slc.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: sppc.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: ieframe.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: netapi32.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: wkscli.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: edputil.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mlang.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: policymanager.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: msvcp110_win.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: twinui.appcore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: execmodelproxy.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: mrmcorer.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.staterepositorycore.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windows.ui.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: windowmanagementapi.dll
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Section loaded: inputhost.dll

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41945702-8302-44A6-9445-AC98E8AFA086}\InprocServer32

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Source: Unlimited HEIC Converter Installer.exe

Static PE information: certificate valid

Source: Unlimited HEIC Converter Installer.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: Unlimited HEIC Converter Installer.exe

Static file information: File size 1058336 > 1048576

Source: Unlimited HEIC Converter Installer.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: Unlimited HEIC Converter Installer.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source: Unlimited HEIC Converter Installer.exe

Static PE information: 0xD76DA577 [Thu Jul 13 00:40:23 2084 UTC]

Source: Unlimited HEIC Converter Installer.exe

Static PE information: real checksum: 0x10c5c5 should be: 0x110928

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Memory allocated: 19732B70000 memory reserve \| memory write watch
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Memory allocated: 1974C620000 memory reserve \| memory write watch

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599363
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599235
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599123
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599013
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598899
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598797
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598675
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598561
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598451
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598344
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598219
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598108
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597999
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597884
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597782
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597644
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597517
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597405
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597294
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597188
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597072
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596965
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596849
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596723
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596596
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596484
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596372
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596264
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596150
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596047
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 595912

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Window / User API: threadDelayed 8657
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Window / User API: threadDelayed 669

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -2767011611056431s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 372	Thread sleep time: -2767011611056431s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -599363s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -599235s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -599123s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -599013s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598899s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598797s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598675s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598561s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598451s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598344s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598219s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -598108s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597999s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597884s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597782s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597644s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597517s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597405s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597294s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597188s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -597072s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596965s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596849s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596723s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596596s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596484s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596372s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 372	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596264s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596150s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -596047s >= -30000s
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe TID: 4092	Thread sleep time: -595912s >= -30000s

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599363
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599235
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599123
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 599013
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598899
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598797
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598675
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598561
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598451
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598344
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598219
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 598108
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597999
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597884
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597782
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597644
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597517
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597405
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597294
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597188
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 597072
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596965
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596849
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596723
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596596
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596484
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596372
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596264
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596150
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 596047
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Thread delayed: delay time: 595912

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Process token adjusted: Debug

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Memory allocated: page read and write | page guard

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\System32\WinMetadata\Windows.Globalization.winmd VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Controls.Ribbon\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Controls.Ribbon.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\System32\WinMetadata\Windows.System.winmd VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\System32\WinMetadata\Windows.Foundation.winmd VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\System32\WinMetadata\Windows.ApplicationModel.winmd VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.InteropServices.WindowsRuntime\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.InteropServices.WindowsRuntime.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.WindowsRuntime\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.WindowsRuntime.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemXml\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemXml.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPF9C8D.tmp VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\System32\WinMetadata\Windows.Data.winmd VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPFDCB2.tmp VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation

Source: C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 DLL Side-Loading	1 DLL Side-Loading	1 Masquerading	OS Credential Dumping	32 Virtualization/Sandbox Evasion	Remote Services	Data from Local System	Data Obfuscation	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Disable or Modify Tools	LSASS Memory	1 Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Junk Data	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	32 Virtualization/Sandbox Evasion	Security Account Manager	12 System Information Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	Steganography	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 Timestomp	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Protocol Impersonation	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 DLL Side-Loading	LSA Secrets	Internet Connection Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
184.28.90.29	unknown	United States	16625	AKAMAI-ASUS	false
20.82.154.241	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.32.185.103	unknown	United States	16625	AKAMAI-ASUS	false

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1546791
Start date and time:	2024-11-01 15:49:42 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	26
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Sample name:	Unlimited HEIC Converter Installer.exe
Detection:	CLEAN
Classification:	clean3.winEXE@1/3@0/38
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 184.28.90.29, 23.32.185.103, 20.82.154.241
Excluded domains from analysis (whitelisted): storesdk.dsx.mp.microsoft.com.edgekey.net, e12564.dspb.akamaiedge.net, storesdk.dsx.mp.microsoft.com, rp-consumer-prod-displaycatalog-geomap.trafficmanager.net, store-images.s-microsoft.com, e16646.g.akamaiedge.net, storesdk.xbetservices.akadns.net, store-images.s-microsoft.com-c.edgekey.net, displaycatalog.mp.microsoft.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net, neus1c-displaycatalog.frontdoor.bigcatalog.commerce.microsoft.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.
VT rate limit hit for: Unlimited HEIC Converter Installer.exe

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPF9C8D.tmp

Download File

Process:	C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe
File Type:	PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3649
Entropy (8bit):	7.925781063647787
Encrypted:	false
SSDEEP:
MD5:	D1C4F9EE4D634FC919EB2BAEC444F973
SHA1:	152DFDDCC0AF6466CD5363D9A09AE62392FE64F9
SHA-256:	EA65A8F873C2085B943A62A7B05444821A621B9830AE9EB7F446FA425BA1A8B2
SHA-512:	1386CBF2C3125B024C366BDC566B96741D1ACD279F8A1BD7AA53AED865FEBE4D1BDC0563978261C812C532250E283EEB884F99FE8C5A4E5D424633237D8B0FFC
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...d...d.....p.T....pHYs..........o.d....IDATx..yp.......9..D.. .....".8u...Ve..t.N..U;....Z..a...bp...x...h.c....M...$ .....Iv7....=.o.I6.n..}h....{=.>.......OTx.Jj.+.< ...".< ...".r..\|..+...x<>.$....H$.j.......S.@dY.....a.v6."......U.&.Fc.z....2...RX...y..\|.`..&..`..&..`..&..`.....P.....$......3Q..X...EQ..C@.Y....C......+...0.466.....N..vjnjjj...U..75M.g..l.d2..) e>...\.......`..-..Y;....:..Tj.(]aY.....\(1.....l......mvWn.Tf..Q!O\9..8.....D0y@...D0y@...D0y@..K..).d....J..0..r.:.9....q.QT/.......3.\|...................W.\|.+...L.z.... ....9..f../G......(...2d....!m~..v..PFJ..>.9..V.Xqv.y...z..w.".....Gv....!Gg.>......\|~..n...M.4.9;u.!..K...cZ.-.N/.u9..... ....y3.....D0y@...D0y@...D0y@...D0...j.(."K8 &UI....J.L@(B..Su....H...._..5....0@..).V./.....f.g=..i."...........j.R....[&.......@...u.>U):...H&.}.cm.}.P.....i..qa,!.. .....\|.%...O&..cb<.=...$.g....%...(A9.D(F......IU[.g.H.A(2{.Hl(..dx35...@...0".....]L...d....y.{>...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPFDCB2.tmp

Download File

Process:	C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe
File Type:	PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	777
Entropy (8bit):	7.581516394833844
Encrypted:	false
SSDEEP:
MD5:	A5F45979E0C15389FDB29216EBB19BBF
SHA1:	7CD1E4338E4A0E40D79BDADB431D5F0AE9603DE6
SHA-256:	1B121A7E399FB053BF529883299B0BA0B958FA806CB0CD2B4D255BED58AA8492
SHA-512:	17267975D299B074B7167530ACF3B5C5A4D1D9AA7FF3040D39ACDB36FCE059CF246BEC7B83FBF35CFCA7AC75F00E7347DB6B79040AFE5C083B924552017083E6
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...D...D.....8.......pHYs...........~.....IDATx..KC1..._8.. ].t... ......b....IT....I-..C......A..AA.\|..4.M^^............J.(.2=..t.wF.$.266.J....^..V."@../ .w3..qY.U7:....P...WOo....aM.>.j..y./.... L..,...I^@\|a....b..q.:........%i.m4@._....X...........%..u.p..PX.9.XL..\|.H.@.?....\..xm..3...&..~...HREa........b. ...e.@\|$M........ {..,l-$D......i...2.MP....:.tk@#..T.!..a.bP.$..Z.......>@0... C...+...E.3%w..nX...G..;.(...C..I.d....l2U.t<.).....$...L<.......2.....I{.,...=..KA"..H..k. .-.......TR.?&lj.k....D.....?.... ].?g.._....9..S.c.R.....J..G..%..lb ..j6.....!...4..&S(...........A.....J...2@.k>@Z.......h-D.#....... ......... t...3$.`.............4..&.N..Lg...m..2t).J.B.P..".3!.bZV.5.A).2.+T_:R..T.0......c....s0P....IEND.B`.

C:\Users\user\AppData\Local\Temp\Tmp97F8.tmp

Download File

Process:	C:\Users\user\Desktop\Unlimited HEIC Converter Installer.exe
File Type:	ASCII text, with very long lines (1136), with no line terminators
Category:	dropped
Size (bytes):	1136
Entropy (8bit):	5.884313058724772
Encrypted:	false
SSDEEP:
MD5:	A10F31FA140F2608FF150125F3687920
SHA1:	EC411CC7005AAA8E3775CF105FCD4E1239F8ED4B
SHA-256:	28C871238311D40287C51DC09AEE6510CAC5306329981777071600B1112286C6
SHA-512:	CF915FB34CD5ECFBD6B25171D6E0D3D09AF2597EDF29F9F24FA474685D4C5EC9BC742ADE9F29ABAC457DD645EE955B1914A635C90AF77C519D2ADA895E7ECF12
Malicious:	false
Reputation:	unknown
Preview:	MIIDUDCCAjigAwIBAgIQImsjBGfFTk6M7sZzNVcAwDANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDExphdXRoLmluc3RhbGxlcnNlcnZpY2VzLmNvbTAeFw0yMzEwMjUyMzEzNDhaFw0yODEwMjUyMzIzNDhaMCUxIzAhBgNVBAMTGmF1dGguaW5zdGFsbGVyc2VydmljZXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnTHlqfx0MmiBSvhwkjmo2Y53B2ED6kyYgNgsSoX090DwL9g08Q2LnfEEFH+mif1Zv6jztT5QvWXjjroucDJQzZFBz/xbd1zilX80JFxD/8TIiKdmg73eXcrkSTsQUz97HwnpZbQDWbQJh/QxbvRIrJrcU2ADGsC5KBpRVXJ3t9m3TKNrfbAtKpPonso6+6GHvwUNTZUU9UgvDV3qGpDSniqumK3a1U9hphJJBb8us3o3538CM3tJAJ2w/bDGA/MOaTInkspZIQpecv16wkMWuLyHUxAaMDIO0tuIKxeIka0PaTAaZdw6BXofnNqwDD5JloOGm323JAR3pe+hJmSmQIDAQABo3wwejAOBgNVHQ8BAf8EBAMCBaAwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUL8Xv6MyxPZ8/T+cj4fEkfSpVzqEwHQYDVR0OBBYEFC/F7+jMsT2fP0/nI+HxJH0qVc6hMA0GCSqGSIb3DQEBCwUAA4IBAQASgm1VIK9vC88LPaCv7qPEd2TUtRrOi/VG2HkcpmBIKGoDeFa41jzKpO25iMg4MQhlXuljIYMDch8YpZETcFvBXHzfCF7Rc+kl/K5tFd8kHGMItiPuwZV/BfvL9Wu4gY4g1skfRpiemP1gZvlc1fZlEoYDqAIzODkRyXOd2nsa7zt8iGTdNujZ8A/IyQzGNeqtmt+bpNvKojkB

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Entropy (8bit):	6.8280478140244485
TrID:	Win32 Executable (generic) Net Framework (10011505/4) 50.01% Win32 Executable (generic) a (10002005/4) 49.97% Generic Win/DOS Executable (2004/3) 0.01% DOS Executable Generic (2002/1) 0.01% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	Unlimited HEIC Converter Installer.exe
File size:	1'058'336 bytes
MD5:	5a0c501219ce6252e84ecd38d1e7bf3d
SHA1:	cada316be26dbdcc7d4036a85431b2c0a94f8f54
SHA256:	d7737ed305e02b560d5a03c88fbd76115d7a217cf300ef3e320265910c3d2106
SHA512:	c2ea24fe7b85eef2f854a79e0d8235c3e533394a4adb9c76934fdc9309fecaa9eb4a8eb0b69aa9e1be5015493216e61651d7ed617577a9b8ab90bc78f9a5ed5a
SSDEEP:	12288:qvUGQWpy+Tac0RDffXJjyYpcyoNHSy5viczPESsQ3BaE32VfXJjyYpz:lGQB+2DR7BWYpcyo44u0aPVBWYpz
TLSH:	54354C9123FC4439E7B70B39BD7A58610735BC395942E5AE098E293C18F2B1689F2737
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...w.m..........."...0......(........... ........@.. ....................... ............`................................

File Icon


Icon Hash:	136cb2b27171b24d

Static PE Info

General

Entrypoint:	0x4ea89e
Entrypoint Section:	.text
Digitally signed:	true
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
DLL Characteristics:	HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:	0xD76DA577 [Thu Jul 13 00:40:23 2084 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	f34d5f2d4577ed6d9ceec516c1f5a744

Authenticode Signature

Signature Valid:	true
Signature Issuer:	CN=Microsoft Marketplace CA G 027, OU=EOC, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Signature Validation Error:	The operation completed successfully
Error Number:	0
Not Before, Not After	13/09/2024 02:07:32 16/09/2024 02:07:32
Subject Chain	CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Version:	3
Thumbprint MD5:	F5B7BCC826B78AEF763836D82EF67DBA
Thumbprint SHA-1:	FDA943641AAA87F7EA61F7347FE92B9C3ABC3825
Thumbprint SHA-256:	51B79453AFF83A66E1EC1E1139143AAB93E8BC7D4E00E922857DEAE48B2F0543
Serial:	33003E3B13F845F76C76D487AB0001003E3B13

Entrypoint Preview

Instruction
jmp dword ptr [00402000h]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0xea84b	0x4f	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0xec000	0x12520	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0xfb400	0x7220
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x100000	0xc	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0xea770	0x54	.text
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x2000	0x8	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x2008	0x48	.text
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x2000	0xe88a4	0xe8a00	5b6a3efd8eac820346aff8b482a10019	False	0.4117619895217625	data	6.750490375633941	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rsrc	0xec000	0x12520	0x12600	9ea49324b516aa5d1561d31d950be75c	False	0.9542410714285714	data	7.935620731794472	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x100000	0xc	0x200	2489e7acd7e3729bd40ae5f145668c14	False	0.044921875	data	0.09800417566270775	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	ZLIB Complexity
RT_ICON	0xec1e0	0xd5e7	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced	1.0004748077941525
RT_ICON	0xf97d8	0x1363	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	1.0022164013701391
RT_ICON	0xfab4c	0xc9d	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	1.0034066274388356
RT_ICON	0xfb7fc	0x9da	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced	1.0043616177636796
RT_ICON	0xfc1e8	0x691	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	1.006543723973825
RT_ICON	0xfc88c	0x490	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	1.009417808219178
RT_ICON	0xfcd2c	0x396	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced	1.0119825708061003
RT_ICON	0xfd0d4	0x299	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	1.0165413533834586
RT_GROUP_ICON	0xfd380	0x76	data	0.7542372881355932
RT_VERSION	0xfd408	0x3e0	data	0.4284274193548387
RT_MANIFEST	0xfd7f8	0xd21	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	0.3924427253793514

Imports

DLL	Import
mscoree.dll	_CorExeMain

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable updates to prevent the latest security patches from reaching tools on victim systems.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, Driver: Driver Load, Process: Process Creation, Process: Process Termination, Sensor Health: Host Status, Service: Service Metadata, Windows Registry: Windows Registry Key Deletion, Windows Registry: Windows Registry Key Modification
Platforms:	Containers, IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata, File: File Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of open application windows. Window listings could convey information about how the system is used.For example, information about application windows could be used identify potential data to collect as well as identifying security tooling ( Security Software Discovery ) to evade.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report Unlimited HEIC Converter Installer.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Compliance

System Summary

Data Obfuscation

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

Language, Device and Operating System Detection

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

World Map of Contacted IPs

Public IPs

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPF9C8D.tmp

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WPFDCB2.tmp

C:\Users\user\AppData\Local\Temp\Tmp97F8.tmp

Static File Info

General

File Icon

Static PE Info

General

Authenticode Signature

Entrypoint Preview

Data Directories

Sections

Resources

Imports

Windows Analysis Report
Unlimited HEIC Converter Installer.exe