Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00406360 GetFileAttributesA,lstrcpyA,lstrcatA,lstrcatA,FindFirstFileA,GetLastError,lstrcmpA,lstrcmpA,lstrcmpA,lstrcpyA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,FindNextFileA,FindClose, |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
DNS traffic detected: DNS query: yahoo.com |
Source: global traffic |
DNS traffic detected: DNS query: mta6.am0.yahoodns.net |
Source: global traffic |
DNS traffic detected: DNS query: www4.cedesunjerinkas.com |
Source: global traffic |
DNS traffic detected: DNS query: mta7.am0.yahoodns.net |
Source: global traffic |
DNS traffic detected: DNS query: mta5.am0.yahoodns.net |
Source: global traffic |
DNS traffic detected: DNS query: gmail.com |
Source: global traffic |
DNS traffic detected: DNS query: alt1.gmail-smtp-in.l.google.com |
Source: global traffic |
DNS traffic detected: DNS query: gmail-smtp-in.l.google.com |
Source: global traffic |
DNS traffic detected: DNS query: alt2.gmail-smtp-in.l.google.com |
Source: global traffic |
DNS traffic detected: DNS query: alt3.gmail-smtp-in.l.google.com |
Source: global traffic |
DNS traffic detected: DNS query: alt4.gmail-smtp-in.l.google.com |
Source: global traffic |
DNS traffic detected: DNS query: hotmail.com |
Source: global traffic |
DNS traffic detected: DNS query: hotmail-com.olc.protection.outlook.com |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00423D83: QueryDosDeviceA,lstrcpyA,lstrcatA,GetLastError,lstrcpyA,lstrcatA,DefineDosDeviceA,GetLastError,lstrcpyA,lstrcatA,CreateFileA,DeviceIoControl,GetLastError,GetLastError,DefineDosDeviceA,GetLastError, |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00411800 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_004108D0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040C8E0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040F0E9 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00410907 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00404110 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00409119 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040F1C7 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040C1D0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00404990 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_004091A7 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040E246 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00428A08 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00425214 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00405310 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00408BC0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00415BD0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041B3D0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040DBF0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041E3A0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00409436 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00409CF7 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041BD00 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040EDE0 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040DE56 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041C660 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00410670 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040E676 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00409F47 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040EF78 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0040FF30 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00405F30 |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: apphelp.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: acgenral.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: uxtheme.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: winmm.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: samcli.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: msacm32.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: version.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: userenv.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: dwmapi.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: urlmon.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: mpr.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: sspicli.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: winmmbase.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: iertutil.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: srvcli.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: netutils.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: aclayers.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: sfc.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: sfc_os.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: cmut449c14b7.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: ntmarta.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: textshaping.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: textinputframework.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: coreuicomponents.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: coremessaging.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Section loaded: wintypes.dll |
Source: C:\Windows\tserv.exe |
Section loaded: apphelp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: cmut449c14b7.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wininet.dll |
Source: C:\Windows\tserv.exe |
Section loaded: dnsapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: iphlpapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: cmut449c14b7.dll |
Source: C:\Windows\tserv.exe |
Section loaded: iertutil.dll |
Source: C:\Windows\tserv.exe |
Section loaded: sspicli.dll |
Source: C:\Windows\tserv.exe |
Section loaded: windows.storage.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wldp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: profapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Windows\tserv.exe |
Section loaded: ondemandconnroutehelper.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winhttp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: mswsock.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winnsi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: napinsp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: pnrpnsp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wshbth.dll |
Source: C:\Windows\tserv.exe |
Section loaded: nlaapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winrnr.dll |
Source: C:\Windows\tserv.exe |
Section loaded: urlmon.dll |
Source: C:\Windows\tserv.exe |
Section loaded: srvcli.dll |
Source: C:\Windows\tserv.exe |
Section loaded: netutils.dll |
Source: C:\Windows\tserv.exe |
Section loaded: rasadhlp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: fwpuclnt.dll |
Source: C:\Windows\tserv.exe |
Section loaded: cmut449c14b7.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wininet.dll |
Source: C:\Windows\tserv.exe |
Section loaded: dnsapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: iphlpapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: cmut449c14b7.dll |
Source: C:\Windows\tserv.exe |
Section loaded: napinsp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: pnrpnsp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wshbth.dll |
Source: C:\Windows\tserv.exe |
Section loaded: nlaapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: mswsock.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winrnr.dll |
Source: C:\Windows\tserv.exe |
Section loaded: iertutil.dll |
Source: C:\Windows\tserv.exe |
Section loaded: sspicli.dll |
Source: C:\Windows\tserv.exe |
Section loaded: windows.storage.dll |
Source: C:\Windows\tserv.exe |
Section loaded: wldp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: fwpuclnt.dll |
Source: C:\Windows\tserv.exe |
Section loaded: profapi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: rasadhlp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Windows\tserv.exe |
Section loaded: ondemandconnroutehelper.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winhttp.dll |
Source: C:\Windows\tserv.exe |
Section loaded: winnsi.dll |
Source: C:\Windows\tserv.exe |
Section loaded: urlmon.dll |
Source: C:\Windows\tserv.exe |
Section loaded: srvcli.dll |
Source: C:\Windows\tserv.exe |
Section loaded: netutils.dll |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041D159 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress, |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_0041F830 GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,SetEvent,Sleep, |
Source: C:\Users\user\Desktop\Update-KB6125-x86.exe |
Code function: 0_2_00423260 GetProcessHeap,HeapAlloc,HeapAlloc,HeapAlloc,HeapFree,HeapAlloc,HeapFree,HeapFree,HeapFree,HeapAlloc,HeapFree,HeapFree,HeapFree,HeapAlloc,HeapFree,HeapFree,HeapFree,HeapFree,HeapAlloc,HeapFree,HeapFree,HeapFree,HeapFree,HeapFree,InitializeSecurityDescriptor,GetCurrentProcess,OpenProcessToken,GetTokenInformation,GetTokenInformation,GetTokenInformation,GetTokenInformation,SetSecurityDescriptorOwner,SetSecurityDescriptorGroup,AllocateAndInitializeSid,GetLengthSid,AddAce,AllocateAndInitializeSid,GetLengthSid,AddAce,AllocateAndInitializeSid,GetLengthSid,AddAce,IsValidSecurityDescriptor, |