| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.00000000069D8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://bugreports.qt.io/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.00000000069D8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://bugreports.qt.io/_q_receiveReplyensureClientPrefaceSentMicrosoft-IIS/4.Microsoft-IIS/5.Netsca |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://certificates.godaddy.com/repository/0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://certificates.godaddy.com/repository/gdig2.crt0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://certs.godaddy.com/repository/1301 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://crl.globalsign.net/root-r2.crl |
| Source: NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.godaddy.com/gdig2s5-6.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.godaddy.com/gdroot-g2.crl0F |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0 |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://crl.securetrust.com/SGCA.crl |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://crl.securetrust.com/STCA.crl |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0# |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0# |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0# |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0# |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11531998961.000000000484B000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590136172.0000000004870000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11532334790.000000000486F000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11532091476.0000000004853000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11532233233.0000000004862000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html#id3037154 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11530887452.00000000055D0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://download.bitrock.com/feedback.php |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://https://DefaultHTTPProtoNinjaRMMAgent.exeAgentCurrentExecutableNameD: |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.comodoca.com0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0A |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0C |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.digicert.com0X |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.godaddy.com/0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.godaddy.com/05 |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.sectigo.com0 |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://policy.camerfirma.com |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://s.symcb.com/universal-root.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://s.symcd.com06 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590188539.00000000055CF000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11532182946.00000000055D1000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11530987696.0000000004DAD000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11530887452.00000000055D0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://timestamp.apple.com/ts01 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590188539.00000000055CF000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11532182946.00000000055D1000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11530887452.00000000055D0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://timestamp.apple.com/ts01tificate |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11530506136.0000000005583000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11531946378.0000000005586000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://tkcon.sourceforge.net/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0( |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://ts-ocsp.ws.symantec.com0; |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.accv.es/legislacion_c.htm |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.accv.es00 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.apple.com/DTDs/PropertyList-1.0.dtd |
| Source: NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.cert.fnmt.es/dpcs/ |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.digicert.com/CPS0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.00000000069D8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.phreedom.org/md5) |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.00000000069D8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.phreedom.org/md5)08:27 |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://www.pkioverheid.nl/policies/root-policy-G2 |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: http://www.quovadis.bm |
| Source: NinjaRMMAgentPatcher.exe | String found in binary or memory: https://agent-app.ninjarmm.com |
| Source: NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://agent-app.ninjarmm.com/ws/agent/signal |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://certs.godaddy.com/repository/0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://crashpad.chromium.org/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://crashpad.chromium.org/bug/new |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/P |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/alt-svc.html |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/copyright.htmlD |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/hsts.html |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/http-cookies.html |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/sslcerts.html |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591507470.00000000085C8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/libcurl/c/curl_easy_setopt.html |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://d.symcb.com/cps0% |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://d.symcb.com/rpa0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587756073.0000000002A86000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589757466.0000000006C9C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://d.symcb.com/rpa0. |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/cert |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://powershellexplained.com/2017-05-27-Powershell-module-building-basics/ |
| Source: NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://repository.luxtrust.lu0 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.0000000006AD3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/AgentInstallers/cabarc_20230209.zip |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.0000000006AD3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/AgentInstallers/cabarc_20230209.zip5a4e1ba7ad86dff0e7fa019049d5efb83d |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/Bitdefender/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/Bitdefender/MAC/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/Bitdefender/https://resources.ninjarmm.com/Bitdefender/MAC/STORAGE#Vo |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/Crowdstrike/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/Crowdstrike/ws.agent.config.crowdstrike.generic.jsonws.agent.config.c |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/SentinelOne/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/SentinelOne/ws.agent.config.sentinelone.generic.jsonws.agent.config.s |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/components/gravityzone/ |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/components/gravityzone/(https? |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/components/gravityzone/sample_policy_tmp_2.json |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://resources.ninjarmm.com/components/gravityzone/sample_policy_tmp_2.jsonGravityZone: |
| Source: expand.exe, 0000000C.00000003.11492385489.0000000003279000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510751043.0000000002A16000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11588029820.0000000009463000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11510717590.00000000029FE000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A07000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11586029577.0000000008FE3000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11506626340.0000000002A11000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009562000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589860062.0000000002A03000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11589417095.000000000911E000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11590477989.0000000009AD4000.00000004.00000020.00020000.00000000.sdmp, 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11587857458.0000000008D9D000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://sectigo.com/CPS0 |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp, NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.catcert.net/verarrel |
| Source: NinjaRMMAgentPatcher.exe, 00000010.00000003.11618886419.0000000003BEC000.00000004.00000020.00020000.00000000.sdmp, NinjaRMMAgent.exe, 00000028.00000003.12609665543.00000000041F4000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.catcert.net/verarrel05 |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.0000000006AD3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.googleapis.com/auth/cloud-platform |
| Source: 9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe, 0000000F.00000003.11591107103.0000000006AD3000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.googleapis.com/auth/cloud-platformExternalAccountCredentials |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: aclayers.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: srpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: tsappcmp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: uxtheme.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: textinputframework.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: propsys.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: coremessaging.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: coreuicomponents.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: textshaping.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: netapi32.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wkscli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wldp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msasn1.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptsp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: rsaenh.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msisip.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: gpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptnet.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: iphlpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: winnsi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: appidapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: mscoree.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msihnd.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: pcacli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: aclayers.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: tsappcmp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: netapi32.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wkscli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: srclient.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: spp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: powrprof.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: vssapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: vsstrace.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: umpdc.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wldp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msasn1.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptsp.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: rsaenh.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: msisip.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: gpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: cryptnet.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: iphlpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: winnsi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: appidapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: srpapi.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: mscoree.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: vcruntime140_1_clr0400.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: vcruntime140_clr0400.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: vcruntime140_clr0400.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: rstrtmgr.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: ncrypt.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: ntasn1.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: pcacli.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: ntmarta.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: sfc.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: sfc_os.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Section loaded: servicingcommon.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: aclayers.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: cryptsp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: rsaenh.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: aclayers.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: cryptsp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: rsaenh.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: uxtheme.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: propsys.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: cfgmgr32.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: edputil.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: urlmon.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: iertutil.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: srvcli.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: srvcli.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: windows.staterepositoryps.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: virtdisk.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: wldp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: smartscreenps.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: appresolver.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: bcp47langs.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: onecoreuapcommonproxystub.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: pcacli.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: sfc_os.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: servicingcommon.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: shdocvw.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: textinputframework.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: coremessaging.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\msiexec.exe | Section loaded: coreuicomponents.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\icacls.exe | Section loaded: ntmarta.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: cabinet.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: dpx.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: cryptsp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: wdscore.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: dbghelp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: dbgcore.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: rsaenh.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\expand.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: uxtheme.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: netapi32.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: pdh.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: winmm.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: iphlpapi.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: powrprof.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: secur32.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: wtsapi32.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: msvcp60.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: samcli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: srvcli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: schedcli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: logoncli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: wkscli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: umpdc.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: textshaping.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: textinputframework.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: propsys.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: cfgmgr32.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: linkinfo.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: ntshrui.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: cscapi.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: dlnashext.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: wpdshext.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: urlmon.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: iertutil.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: ntmarta.dll | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Section loaded: coremessaging.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: apphelp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: dbghelp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: winhttp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: netapi32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: wtsapi32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: activeds.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: gpedit.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: rstrtmgr.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: iphlpapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: winmm.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: adsldpc.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: ncrypt.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: gpapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: dssec.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: dsuiext.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: framedynos.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: dsrole.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: logoncli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: ntdsapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: authz.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: srvcli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: ntasn1.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: cfgmgr32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: secur32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: mswsock.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: dnsapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: rasadhlp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\icacls.exe | Section loaded: ntmarta.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dbghelp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: winhttp.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: wsock32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: iphlpapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: netapi32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: version.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: userenv.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: mpr.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: wtsapi32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: activeds.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: gpedit.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: msi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: secur32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: msimg32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: uxtheme.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: wevtapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: powrprof.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: oleacc.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: winmm.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: adsldpc.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: gpapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dssec.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dsuiext.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: framedynos.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: authz.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dsrole.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: logoncli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: netutils.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: ntdsapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: sspicli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dbgcore.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: samcli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: srvcli.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: cryptbase.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: cfgmgr32.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: umpdc.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: msasn1.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: windows.storage.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: wintypes.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: profapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: mswsock.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: dnsapi.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe | Section loaded: rasadhlp.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\cmd.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\SysWOW64\sc.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: flightsettings.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: policymanager.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: msvcp110_win.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: fcon.dll | Jump to behavior |
| Source: C:\Windows\System32\svchost.exe | Section loaded: onecorecommonproxystub.dll | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Windows\System32\msiexec.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\CabArc.Exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\CabArc.Exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\CabArc.Exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl-ca-bundle.crt VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl-ca-bundle.crt VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl-ca-bundle.crt VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\wevtutil.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\wevtutil.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\wevtutil.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgent.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\curl.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall-ninja.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\Uninstall NinjaRMMAgent.lnk VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.dat VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86) VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstbr.000 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.dat VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.dat.new VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstbr.000 VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall-ninja.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\MW-68d31af7-1d04-4be1-bbce-ee7f4f69dc37\files\9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe | Queries volume information: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\uninstall-ninja.exe VolumeInformation | Jump to behavior |
| Source: C:\Program Files (x86)\wayneenterprisesbatcave-6.0.1901\NinjaRMMAgentPatcher.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
Edit tour
msiexec.exe (PID: 6196 cmdline: 
cmd.exe (PID: 6760 cmdline: 
icacls.exe (PID: 3032 cmdline: 
9b2f5ed9-ea12-469a-a70d-8fc17e8d6252-wayneenterprisesbatcave-6.0.1901-windows-installer.exe (PID: 6108 cmdline: 
NinjaRMMAgentPatcher.exe (PID: 2232 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node