Windows Analysis Report
AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Overview

General Information

Sample name:	AutoClick Smart cortesia de bb-fans.jimdo.com.exe
Analysis ID:	1502469
MD5:	e064db65f591ebb637aa2ca532b7ec35
SHA1:	33fc69dce99767997a4ee0cc3398cdf82bbc6417
SHA256:	ff4234e650d0ba4b296f099c3bb00995f64d43570da258906208e1e1681a45ad
Tags:	exe
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for submitted file

Uses Windows timers to delay execution

Allocates memory with a write watch (potentially for evading sandboxes)

Detected potential crypto function

Program does not show much activity (idle)

Queries the volume information (name, serial number etc) of a device

Sample file is different than original file name gathered from version info

Uses 32bit PE files

Classification

Signatures

AV Detection

Multi AV Scanner detection for submitted file

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	ReversingLabs: Detection: 18%
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Virustotal: Detection: 34%			Perma Link

Uses 32bit PE files

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_88e266cb2fac7c0d\MSVCR80.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:

Binary string: C:\Users\AntHoniO\AppData\Local\Temporary Projects\22\obj\Debug\22.pdb source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	String found in binary or memory: http://www.bb-fans.jimdo.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.carterandcone.coml
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/?
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/frere-user.html
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers8
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers?
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designersG
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fonts.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/bThe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/cThe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.galapagosdesign.com/DPlease
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.goodfont.co.kr
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.jiyu-kobo.co.jp/
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sajatypeworks.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sakkal.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sandoll.co.kr
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.tiro.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.typography.netD
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.urwpp.deDPlease
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.zhongyicts.com.cn

Detected potential crypto function

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Code function: 0_2_00007FFD9B8F170D

0_2_00007FFD9B8F170D

Sample file is different than original file name gathered from version info

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000000.1649312176.0000000000C30000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilename22.exe( vs AutoClick Smart cortesia de bb-fans.jimdo.com.exe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Binary or memory string: OriginalFilename22.exe( vs AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Uses 32bit PE files

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: classification engine

Classification label: mal52.evad.winEXE@1/0@0/0

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Mutant created: NULL

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.79%

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	ReversingLabs: Detection: 18%
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Virustotal: Detection: 34%

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorrc.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_88e266cb2fac7c0d\MSVCR80.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:

Binary string: C:\Users\AntHoniO\AppData\Local\Temporary Projects\22\obj\Debug\22.pdb source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Uses Windows timers to delay execution

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior

Allocates memory with a write watch (potentially for evading sandboxes)

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 1260000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 3340000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 1B340000 memory commit \| memory reserve \| memory write watch	Jump to behavior

Program does not show much activity (idle)

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Program does not show much activity (idle)

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Memory allocated: page read and write | page guard

Jump to behavior

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\DUBAI-LIGHT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

⊘No contacted IP infos

AV Detection

Multi AV Scanner detection for submitted file

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	ReversingLabs: Detection: 18%
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Virustotal: Detection: 34%			Perma Link

Uses 32bit PE files

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_88e266cb2fac7c0d\MSVCR80.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:

Binary string: C:\Users\AntHoniO\AppData\Local\Temporary Projects\22\obj\Debug\22.pdb source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	String found in binary or memory: http://www.bb-fans.jimdo.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.carterandcone.coml
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/?
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/frere-user.html
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers8
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designers?
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fontbureau.com/designersG
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.fonts.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/bThe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/cThe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.galapagosdesign.com/DPlease
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.goodfont.co.kr
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.jiyu-kobo.co.jp/
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sajatypeworks.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sakkal.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.sandoll.co.kr
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.tiro.com
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.typography.netD
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.urwpp.deDPlease
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000002.2889507835.000000001D0C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.zhongyicts.com.cn

Detected potential crypto function

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Code function: 0_2_00007FFD9B8F170D

0_2_00007FFD9B8F170D

Sample file is different than original file name gathered from version info

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe, 00000000.00000000.1649312176.0000000000C30000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilename22.exe( vs AutoClick Smart cortesia de bb-fans.jimdo.com.exe
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Binary or memory string: OriginalFilename22.exe( vs AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Uses 32bit PE files

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: classification engine

Classification label: mal52.evad.winEXE@1/0@0/0

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Mutant created: NULL

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.79%

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	ReversingLabs: Detection: 18%
Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Virustotal: Detection: 34%

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Section loaded: wintypes.dll	Jump to behavior

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorrc.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

File opened: C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_88e266cb2fac7c0d\MSVCR80.dll

Jump to behavior

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:

Binary string: C:\Users\AntHoniO\AppData\Local\Temporary Projects\22\obj\Debug\22.pdb source: AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Uses Windows timers to delay execution

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 100ms	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	User Timer Set: Timeout: 1ms	Jump to behavior

Allocates memory with a write watch (potentially for evading sandboxes)

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 1260000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 3340000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Memory allocated: 1B340000 memory commit \| memory reserve \| memory write watch	Jump to behavior

Program does not show much activity (idle)

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Program does not show much activity (idle)

Source: all processes

Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Memory allocated: page read and write | page guard

Jump to behavior

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\DUBAI-LIGHT.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\AutoClick Smart cortesia de bb-fans.jimdo.com.exe	Queries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation	Jump to behavior

ID:	1502469
Product:	CloudBasic
Start time:	17:55:06
Start date:	01.09.2024
Sample:	AutoClick Smart cortesia de bb-fans.jimdo.com.exe
Cookbook:	default.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	e064db65f591ebb637aa2ca532b7ec35
SHA1:	33fc69dce99767997a4ee0cc3398cdf82bbc6417
SHA256:	ff4234e650d0ba4b296f099c3bb00995f64d43570da258906208e1e1681a45ad
Filetype:	Win32 Executable (generic) Net Framework (10011505/4) 49.79%

Windows Analysis Report
AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Windows Analysis Report AutoClick Smart cortesia de bb-fans.jimdo.com.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Networking

System Summary

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Windows Analysis Report
AutoClick Smart cortesia de bb-fans.jimdo.com.exe