Source: C:\Windows\SysWOW64\mspaint.exe |
File created: C:\Windows\Debug\WIA |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
File read: C:\Users\desktop.ini |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{926749fa-2615-4987-8845-c33e65f2b957}\InProcServer32 |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Jump to behavior |
Source: classification engine |
Classification label: clean1.winJPG@1/0@0/0 |
Source: C:\Windows\SysWOW64\mspaint.exe |
File opened: C:\Windows\SysWOW64\MSFTEDIT.DLL |
Jump to behavior |
Source: 1_[NOM DE BASE]-[PAGE ACTUELLE]REF-9263GN_DOC01-1 CA.jpg |
Static file information: File size 1049884 > 1048576 |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Process information queried: ProcessInformation |
Jump to behavior |
Source: C:\Windows\SysWOW64\mspaint.exe |
Queries volume information: C:\Users\user\Desktop\1_[NOM DE BASE]-[PAGE ACTUELLE]REF-9263GN_DOC01-1 CA.jpg VolumeInformation |
Jump to behavior |