Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Virustotal: Detection: 20% |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, 32BIT_MACHINE |
Source: |
Binary string: C:\Users\misha\source\repos\ClipperOffline\x64\Release\Clipper.pdb&& source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, 00000000.00000002.252701478.00000000004B1000.00000004.00000001.01000000.00000003.sdmp, SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, 00000000.00000003.251872203.00000000001E0000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\Users\misha\source\repos\ClipperOffline\x64\Release\Clipper.pdb source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, 00000000.00000002.252701478.00000000004B1000.00000004.00000001.01000000.00000003.sdmp, SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, 00000000.00000003.251872203.00000000001E0000.00000040.00001000.00020000.00000000.sdmp |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_0042D140 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_0041405C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_00414025 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_00414093 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_00414129 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then mov eax, ecx |
0_2_004951C0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_004141F5 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_004141BE |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_0041422C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_00413AC0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub esp, 1Ch |
0_2_0042CD50 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 4x nop then sub edx, 01h |
0_2_0042CD30 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
String found in binary or memory: https://gcc.gnu.org/bugs/): |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe, 00000000.00000002.252858338.0000000000A7A000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/> |
|
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Section loaded: vcruntime140_1.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: String function: 004A2EF0 appears 43 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: String function: 00494F00 appears 516 times |
|
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: Number of sections : 16 > 10 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Source: unknown |
Process created: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe "C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe" |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
|
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
Source: C:\Windows\System32\conhost.exe |
Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:151576:120:WilError_01 |
Source: C:\Windows\System32\conhost.exe |
Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5084:120:WilError_01 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
String found in binary or memory: -stop |
Source: classification engine |
Classification label: mal64.evad.winEXE@5/1@0/0 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static file information: File size 2488287 > 1048576 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0047A0C0 push edx; mov dword ptr [esp], ebx |
0_2_0047A407 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0047A0C0 push eax; mov dword ptr [esp], ebx |
0_2_0047A433 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00467140 push eax; mov dword ptr [esp], ebx |
0_2_00467726 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004661E0 push eax; mov dword ptr [esp], ebx |
0_2_004667E0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004792C0 push edx; mov dword ptr [esp], ebx |
0_2_0047951F |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004792C0 push eax; mov dword ptr [esp], ebx |
0_2_00479539 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00471280 push eax; mov dword ptr [esp], ebx |
0_2_0047144B |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004694F0 push eax; mov dword ptr [esp], ebx |
0_2_004696D5 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00476600 push eax; mov dword ptr [esp], ebx |
0_2_00476734 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00493680 push eax; mov dword ptr [esp], esi |
0_2_004A8EDD |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0047A6A0 push edx; mov dword ptr [esp], ebx |
0_2_0047A9E7 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0047A6A0 push eax; mov dword ptr [esp], ebx |
0_2_0047AA13 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00467760 push eax; mov dword ptr [esp], ebx |
0_2_00467D46 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00476860 push eax; mov dword ptr [esp], ebx |
0_2_00476993 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00466820 push eax; mov dword ptr [esp], ebx |
0_2_00466E20 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00493820 push eax; mov dword ptr [esp], esi |
0_2_004A8EDD |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /4 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /14 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /29 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /41 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /55 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /67 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /80 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /91 |
Source: SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Static PE information: section name: /102 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004014E0 GetModuleHandleA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress, |
0_2_004014E0 |
Source: C:\Windows\System32\conhost.exe |
Last function: Thread delayed |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
API coverage: 7.0 % |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004C2D6C mov eax, dword ptr fs:[00000030h] |
0_2_004C2D6C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0040115C Sleep,Sleep,SetUnhandledExceptionFilter,__p__acmdln,malloc,strlen,malloc,memcpy,__initenv,_cexit,_amsg_exit,_initterm,GetStartupInfoA,_initterm,exit, |
0_2_0040115C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_00401150 Sleep,SetUnhandledExceptionFilter,__p__acmdln,malloc,strlen,malloc,memcpy,__initenv,_cexit, |
0_2_00401150 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004013C9 SetUnhandledExceptionFilter,__p__acmdln,malloc,strlen,malloc,memcpy,__initenv,_cexit,_amsg_exit,_initterm, |
0_2_004013C9 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0041BE6C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,abort, |
0_2_0041BE6C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0041BE70 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,abort, |
0_2_0041BE70 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 820000 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 7A3008 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_004C2DA1 CreateProcessW,GetThreadContext,ReadProcessMemory,VirtualAlloc,VirtualAllocEx,WriteProcessMemory,VirtualProtectEx,VirtualProtectEx,VirtualFree,WriteProcessMemory,SetThreadContext, |
0_2_004C2DA1 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 820000 protect: page execute and read and write |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 820000 value starts with: 4D5A |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.AIDetect.malware2.13557.16812.exe |
Code function: 0_2_0041BDC0 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter, |
0_2_0041BDC0 |