Edit tour

Windows Analysis Report
petst.exe

Overview

General Information

Sample name:	petst.exe
Analysis ID:	1524335
MD5:	2ed275f10d8631382b8339e77e686261
SHA1:	78ce6c52ed9afaf4f3f2fda4f74bd9746d65ff6a
SHA256:	be8f19006c6f15ed374ac71a99ce7ea0fc4426d453ead4ecef25a6a87efd755c
Infos:

Detection

Score:	38
Range:	0 - 100
Whitelisted:	false
Confidence:	40%

Signatures

Queries disk data (e.g. SMART data)

Queries memory information (via WMI often done to detect virtual machines)

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)

Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)

Queries sensitive port information (via WMI, Win32_SerialPort, often done to detect virtual machines)

Query firmware table information (likely to detect VMs)

Tries to detect sandboxes and other dynamic analysis tools (window names)

Binary contains a suspicious time stamp

Contains capabilities to detect virtual machines

Creates a process in suspended mode (likely to inject code)

Drops PE files

Found dropped PE file which has not been started or loaded

JA3 SSL client fingerprint seen in connection with other malware

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries disk information (often used to detect virtual machines)

Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sample file is different than original file name gathered from version info

Stores files to the Windows start menu directory

Uses 32bit PE files

Classification

Process Tree

System is w10x64native

petst.exe (PID: 4572 cmdline: "C:\Users\user\Desktop\petst.exe" MD5: 2ED275F10D8631382B8339E77E686261)

petst.tmp (PID: 7140 cmdline: "C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp" /SL5="$103CA,82096316,744960,C:\Users\user\Desktop\petst.exe" MD5: AB942603C465178E12D15C75401CD965)

_setup64.tmp (PID: 1920 cmdline: helper 105 0x4D8 MD5: E4211D6D009757C078A9FAC7FF4F03D4)

conhost.exe (PID: 6360 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)

PerformanceTest64.exe (PID: 5164 cmdline: "C:\Program Files\PerformanceTest\PerformanceTest64.exe" /l en MD5: EBE5F6D02582E010284354194E233C3C)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: petst.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Window detected: License AgreementPlease read the following important information before continuing.Please read the following License Agreement. You must accept the terms of this agreement before continuing with the installation.PassMark Software Pty Ltd (PassMark)End User License Agreement (EULA)IMPORTANT! PLEASE READ THE FOLLOWING TERMS AND CONDITIONS.YOU THE INSTALLER OF THIS SOFTWARE AGREE THAT ALL OF THE TERMS AND CONDITIONS DESCRIBED BELOW APPLY TO YOU AND ANYONE ELSE WHO USES THIS SOFTWARE IF EITHER;YOU CLICK THE ACCEPT BUTTON OR YOU COPY INSTALL OR USE THIS COPY OF PASSMARK SOFTWARE OR YOU PERMIT OR ENABLE OTHERS TO COPY INSTALL OR USE THIS PASSMARK SOFTWARE.IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS AND CONDITIONS DESCRIBED BELOW PLEASE TERMINATE INSTALLATION IMMEDIATELY AND DO NOT USE THIS SOFTWARE.SOFTWARE COVERED BY THIS LICENCEThis license agreement (Agreement) applies only to the version of the software package PerformanceTest V11 with which this Agreement is included. Different license terms may apply to other software packages from PassMark and license terms for later versions of PerformanceTest may also be changed.TITLEPassMark or its licensors own the PerformanceTest software package including all materials included with the package. PassMark owns the names and marks of PassMark PerformanceTest under copyright trademark and intellectual property laws and all other applicable laws.TERMINATIONThis license will terminate automatically if you fail to comply with any of the terms and conditions limitations and obligations described herein. On termination you must destroy all copies of the PassMark package and all other materials downloaded as part of the package.Trial VersionIf you are using a trial version of PerformanceTest then you must uninstall the software after the trial period of thirty (30) days has elapsed.DISCLAIMER OF WARRANTYPassMark disclaims any and all warranties express or implied including any implied warranties as to merchantability or fitness for a particular purpose. You acknowledge and agree that you had full opportunity to test PerformanceTest before any live public or production use that you assume full responsibility for selecting and using PerformanceTest and any files that may created through the use of PerformanceTest and that if you use PerformanceTest improperly or against instructions you can cause damage to your files software data or business. The entire risk as to quality and performance of PerformanceTest is borne by you. This disclaimer of warranty constitutes an essential part of the agreement. Some jurisdictions do allow exclusions of an implied warranty so this disclaimer may not apply to you and you may have other legal rights that vary by jurisdiction.LIMITATION OF LIABILITYIn no event shall PassMark its officers employees affiliates contractors subsidiaries or parent organizations be liable for any incidental consequential or punitive damages whatsoever relating to the use of PerformanceTest f
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Window detected: License AgreementPlease read the following important information before continuing.Please read the following License Agreement. You must accept the terms of this agreement before continuing with the installation.PassMark Software Pty Ltd (PassMark)End User License Agreement (EULA)IMPORTANT! PLEASE READ THE FOLLOWING TERMS AND CONDITIONS.YOU THE INSTALLER OF THIS SOFTWARE AGREE THAT ALL OF THE TERMS AND CONDITIONS DESCRIBED BELOW APPLY TO YOU AND ANYONE ELSE WHO USES THIS SOFTWARE IF EITHER;YOU CLICK THE ACCEPT BUTTON OR YOU COPY INSTALL OR USE THIS COPY OF PASSMARK SOFTWARE OR YOU PERMIT OR ENABLE OTHERS TO COPY INSTALL OR USE THIS PASSMARK SOFTWARE.IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS AND CONDITIONS DESCRIBED BELOW PLEASE TERMINATE INSTALLATION IMMEDIATELY AND DO NOT USE THIS SOFTWARE.SOFTWARE COVERED BY THIS LICENCEThis license agreement (Agreement) applies only to the version of the software package PerformanceTest V11 with which this Agreement is included. Different license terms may apply to other software packages from PassMark and license terms for later versions of PerformanceTest may also be changed.TITLEPassMark or its licensors own the PerformanceTest software package including all materials included with the package. PassMark owns the names and marks of PassMark PerformanceTest under copyright trademark and intellectual property laws and all other applicable laws.TERMINATIONThis license will terminate automatically if you fail to comply with any of the terms and conditions limitations and obligations described herein. On termination you must destroy all copies of the PassMark package and all other materials downloaded as part of the package.Trial VersionIf you are using a trial version of PerformanceTest then you must uninstall the software after the trial period of thirty (30) days has elapsed.DISCLAIMER OF WARRANTYPassMark disclaims any and all warranties express or implied including any implied warranties as to merchantability or fitness for a particular purpose. You acknowledge and agree that you had full opportunity to test PerformanceTest before any live public or production use that you assume full responsibility for selecting and using PerformanceTest and any files that may created through the use of PerformanceTest and that if you use PerformanceTest improperly or against instructions you can cause damage to your files software data or business. The entire risk as to quality and performance of PerformanceTest is borne by you. This disclaimer of warranty constitutes an essential part of the agreement. Some jurisdictions do allow exclusions of an implied warranty so this disclaimer may not apply to you and you may have other legal rights that vary by jurisdiction.LIMITATION OF LIABILITYIn no event shall PassMark its officers employees affiliates contractors subsidiaries or parent organizations be liable for any incidental consequential or punitive damages whatsoever relating to the use of PerformanceTest f

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\unins000.dat	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-7N7GA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-R957H.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6CSRR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JQA2K.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GC7AO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-3U9IO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0QCMU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GJRP5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-T9C6F.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-SDVKA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-NLFHM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-8DGTT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-63OP6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FFCOU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-UMOBR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CQ0FJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-4FNSM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-TPV1C.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KC594.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JQP10.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JVAEM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BTJ2D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CHTH9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BSMOR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BHLGV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FFQ4P.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-PKFG3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-71PHT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-C3G98.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5U057.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3BELA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B7QQU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-7GI1A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5KHKG.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2THKK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-SS3MK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BM06S.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3B1NB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3TG5S.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1C2RQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-55SBN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D5G6G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HG14O.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-V32L6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KRI5I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-4QFEO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-VAOH0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-84V1G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-S15E6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-AEAGR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5S5ED.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5LRJH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-AM03A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HJB1G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HCG4N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-0UPI0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3606N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1UV9G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B7NVL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FVDNM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-F25U4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D405I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D0HEV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-ISMJA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-8A1JA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B1N6E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KS46E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-NSI7L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2M1K0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-MO4GU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-QN8TQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2UKBF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-8J0HV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CH4TN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-DK7GQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-V1S9E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-6UJ2U.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JENPJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-91KV6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-67B0D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BKM0M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3E55A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-PAHCN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-M1P32.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1TS8U.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-1G3LJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-EV615.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-E2CO5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0ESTF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JLUJ7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-87387.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-TIFQF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-49140.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-M3RQT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0BUHL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-EA5ON.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-SBI69.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-2O1TD.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-SDGH8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures\is-1K1LM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures\is-H67I4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-56TVG.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-KEIUN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-TDS83.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-RSKP6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-SC9PU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Transparency	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Transparency\is-1AULR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI\is-EM9QN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\misc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\misc\is-8ANHA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI\is-J1HPE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect\is-U69MC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect\is-ENGC9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\is-5Q5K5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-18QUP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-L4541.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-0UTFI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-HOQVI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-FT8UM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-MOR6I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-6HSBA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-G07L6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-VO41T.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-43D9O.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-DFBQ7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-BTTQR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-TQV57.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-Q0HTB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-8EKB4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-6CVQ9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-METPC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-M6IL2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-5AU0N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-RGE17.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-08Q33.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-KQA8L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-VC6HO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-JUL1E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-12AR5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ED2JT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ISN90.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-TDRGL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-LO9E9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-5JIMI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-VRR56.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-DHG8L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ETNT7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-S5SKB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-GTKP3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-QOO75.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-RK6SO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-EOBL0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-47KBE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-UTSDU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-3ORLK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-UTI4A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RQDN0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-UMO2N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RMM4I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-R17I1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-2OEAH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-PM6F9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-2DMQB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RC6HR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-SPJ8N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-EEH1B.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-3V4RM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-K1ARJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-TRV8D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-64TAM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-1EK1B.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-33FAV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-F1GK9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-35R11.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-88AO3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-AKBVN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-EANB3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-MAHU5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-9S80M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DSJTK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-UUAVK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-5VFVP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DU9FR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-HCJCE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-7E0OJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-QRN7M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-VRHEB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-56DNS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-381GP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DPBRJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-1KCOT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-90RFM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-L5VMT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-PV259.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-LBP09.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-1J87L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-G8DDO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-VACIF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-MRA99.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-UQGNH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-KFIC2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-8B9KU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-6SHCI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-Q70R1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-511SH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-F0I2D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-HN1MU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-T3HHT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-5AGU0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-456KL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-23N95.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-656VU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-IHC35.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-4UU9D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-QKSNU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-DKECS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MVDIO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-HTK2E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MJHC2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-FUS4E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-SSJ7I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-2RL5F.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-S1F28.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-E29MC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-E5KGA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-RFES8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-GGGB8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-R0JMF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MFOFP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-BTSKJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-9UMBR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MCNSE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-59BSM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-GTM05.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-T7ESP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-R0J42.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-L7N1Q.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-ERSKP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JPQAP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HBVD3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6HJTS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-BHAC4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-Q3HMK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-TCHR8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-1N43L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HOV41.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-01CL1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6UOM9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-066PT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-INEU5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-D47EO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-4NP9V.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0CERA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-03G0A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HR90I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-OOE62.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-ILOMN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-2V8K8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-7J8R7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-M94U9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-KO0EQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-QIT7M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-OQL3E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GESAC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-ORNQB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-MNUCD.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-IQOI0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-P9264.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-UHS43.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-95MO4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-AM0JK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-08HH9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-A6CAP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-HEP4K.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-6R392.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-8FGFI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-GVV16.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-EVEFK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-6T573.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-LAE8N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-MSOE1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-C0649.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\unins000.msg	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PerformanceTest 11_is1

Jump to behavior

Source: petst.exe

Static PE information: certificate valid

Source: unknown

HTTPS traffic detected: 216.146.212.71:443 -> 192.168.11.20:49768 version: TLS 1.2

Source: petst.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: E:\opencv-build\bin\Release\opencv_imgproc460.pdb source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\PerformanceTest\_Build\Release\debug64\PerformanceTest\PerformanceTest64.pdb source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: d3d11ref.pdb"; source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: d3d11ref.pdb source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp

Source: Joe Sandbox View

JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19

Source: unknown

UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=cpu HTTP/1.1Accept-Encoding: gzip,deflateUser-Agent: PerformanceTest - passmark.comHost: www.passmark.comCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=gpu HTTP/1.1Accept-Encoding: gzip,deflateUser-Agent: PerformanceTest - passmark.comHost: www.passmark.comCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=ram HTTP/1.1Accept-Encoding: gzip,deflateUser-Agent: PerformanceTest - passmark.comHost: www.passmark.comCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=hdd HTTP/1.1Accept-Encoding: gzip,deflateUser-Agent: PerformanceTest - passmark.comHost: www.passmark.comCache-Control: no-cache

Source: global traffic

DNS traffic detected: DNS query: www.passmark.com

Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://creativecommons.org/licenses/publicdomain/
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://creativecommons.org/ns#
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://creativecommons.org/ns#DerivativeWorks
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://creativecommons.org/ns#Distribution
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://creativecommons.org/ns#Reproduction
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.comodoca.com0
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.sectigo.com0
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://openclipart.org/
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://openclipart.org/detail/140179/mustang-500gt-by-rents
Source: petst.tmp, 00000002.00000003.44920361218.0000000005F79000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://opencv.org/D
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sozi.baierouge.fr
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.inkscape.org/namespaces/inkscape
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://http://HTTP/1.0HttpSendRequestThread
Source: petst.exe, 00000000.00000000.44364781501.0000000000401000.00000020.00000001.01000000.00000003.sdmp	String found in binary or memory: https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://openclipart.org/detail/188361/a-10-thunderbolt-by-charner1963-188361
Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://sectigo.com/CPS0
Source: PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920045860.0000000002312000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cpubenchmark.net
Source: PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cpubenchmark.net;
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.cpubenchmark.netPA
Source: PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cpubenchmark.net_
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cpubenchmark.netopenhttps://www.passmark.com/baselinesPerformanceTest%0.1fthstndrdth%d%s
Source: PerformanceTest64.exe, 00000006.00000003.44925786973.000000000232E000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920045860.0000000002312000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cpubenchmark.netz
Source: petst.exe, 00000000.00000003.44367667503.000000007FB7B000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000000.44370223318.0000000000401000.00000020.00000001.01000000.00000004.sdmp	String found in binary or memory: https://www.innosetup.com/
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com
Source: petst.exe, 00000000.00000003.44365337848.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000003.44372501121.0000000002DA0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/
Source: petst.exe, 00000000.00000003.44933747576.0000000002496000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/AhI
Source: PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/baselines
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V10/archive/%s%d/%d%S.ziphttps://www.passmark.com/baselines/V9/ar
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V10/modelList.php
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V10/upload-v1031000.php%s
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V11/display.php?id=
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V11/display.php?id=%d%05d6#%lld.ptx8open1Copyhttps://www.passmark
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V11/generate_histdata.php
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V11/generate_histdata.php&chartType=&modelId=cacheServerTimeout
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines/V11/upload.php%d%05duserFile=&DEBUG&apikey=DebugLogSuccessDEBUG:
Source: PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselines5
Source: PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselinescorrect
Source: PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/baselinessts:_
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/baselinesyCould
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/checkversion/index.phpa=%d&v=%d&k=%sresult=trueIBLK
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.0000000002B95000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44906865086.000000014055C000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/checkversion/keytoapi.phpa=%shttps://www.passmark.com/checkversion/validate
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/https://www.passmark.com/openResultsResultsTemperatureResultsTemperatureRes
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/manage_services.phphttps://www.passmark.com/mybaselines/ADV_DBBENCHMARK_RES
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/mybaselines/openhttps://www.passmark.com/mybaselines/https://www.passmark.c
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/newuser.phphttps://www.passmark.com/manage_services.phphttps://www.passmark
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/padfiles/petst.xml
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/sales
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/sales/upgrade
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/sales/upgradeopenArialx:
Source: PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/salesJ
Source: PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/salesY
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/salesordering.htmhttps://www.passmark.com/support/keyhelp.htmopenNo
Source: PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/salesz
Source: PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/support
Source: PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44924981661.0000000002263000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp, PerformanceTest64.exe, 00000006.00000003.44925702619.000000000226B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/
Source: PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/T
Source: PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/XE
Source: PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/b
Source: PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/jF
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	String found in binary or memory: https://www.passmark.com/support/keyhelp.htm
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/keyhelp.htmNoise
Source: PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/lF
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/openDebug:
Source: PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.com/support/~
Source: PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.passmark.comq
Source: petst.exe, 00000000.00000003.44367667503.000000007FB7B000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000000.44370223318.0000000000401000.00000020.00000001.01000000.00000004.sdmp	String found in binary or memory: https://www.remobjects.com/ps

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown

HTTPS traffic detected: 216.146.212.71:443 -> 192.168.11.20:49768 version: TLS 1.2

Source: petst.tmp.0.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: is-7N7GA.tmp.2.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: is-HR90I.tmp.2.dr	Static PE information: Resource name: RT_VERSION type: x86 executable not stripped
Source: is-GESAC.tmp.2.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: is-LAE8N.tmp.2.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS

Source: is-03G0A.tmp.2.dr	Static PE information: Number of sections : 20 > 10
Source: is-0CERA.tmp.2.dr	Static PE information: Number of sections : 20 > 10
Source: is-7J8R7.tmp.2.dr	Static PE information: Number of sections : 12 > 10

Source: petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFileName vs petst.exe
Source: petst.exe, 00000000.00000000.44365091755.00000000004B9000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileName vs petst.exe
Source: petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFileName vs petst.exe

Source: petst.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: is-R957H.tmp.2.dr

Static PE information: Section: .dummy1 ZLIB complexity 0.99859375

Source: classification engine

Classification label: sus38.spyw.evad.winEXE@8/681@1/1

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

File created: C:\Program Files\PerformanceTest

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

File created: C:\Users\user\Desktop\PerformanceTest.lnk

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6360:304:WilStaging_02
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6360:120:WilError_03

Source: C:\Users\user\Desktop\petst.exe

File created: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp

Jump to behavior

Source: C:\Users\user\Desktop\petst.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\Desktop\petst.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

File read: C:\Program Files\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\petst.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization

Jump to behavior

Source: C:\Users\user\Desktop\petst.exe

File read: C:\Users\user\Desktop\petst.exe

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp

Evasive API call chain: GetCommandLine,DecisionNodes,ExitProcess

graph_3-67

Source: unknown	Process created: C:\Users\user\Desktop\petst.exe "C:\Users\user\Desktop\petst.exe"
Source: C:\Users\user\Desktop\petst.exe	Process created: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp "C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp" /SL5="$103CA,82096316,744960,C:\Users\user\Desktop\petst.exe"
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process created: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp helper 105 0x4D8
Source: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process created: C:\Program Files\PerformanceTest\PerformanceTest64.exe "C:\Program Files\PerformanceTest\PerformanceTest64.exe" /l en
Source: C:\Users\user\Desktop\petst.exe	Process created: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp "C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp" /SL5="$103CA,82096316,744960,C:\Users\user\Desktop\petst.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process created: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp helper 105 0x4D8	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process created: C:\Program Files\PerformanceTest\PerformanceTest64.exe "C:\Program Files\PerformanceTest\PerformanceTest64.exe" /l en	Jump to behavior

Source: C:\Users\user\Desktop\petst.exe	Section loaded: edgegdi.dll	Jump to behavior
Source: C:\Users\user\Desktop\petst.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\petst.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: edgegdi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: mscms.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: coloradapterclient.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: icm32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: msftedit.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: explorerframe.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: sfc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: linkinfo.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: ntshrui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: cscapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp	Section loaded: edgegdi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: pdh.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: edgegdi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: atiadlxx.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: atiadlxy.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: atiadlxx.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: atiadlxy.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: nvapi64.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d3dx9_43.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d3d9.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d3dx9_43.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: d3dref9.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: usp10.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: riched20.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: msls31.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: riched32.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: perfos.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: nvapi64.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: atiadlxx.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ati2edxx.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ze_loader.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: igfxdbgxchg64.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Section loaded: vbscript.dll	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32

Jump to behavior

Source: PerformanceTest.lnk.2.dr	LNK file: ..\..\..\..\..\..\Program Files\PerformanceTest\PerformanceTest64.exe
Source: PerformanceTest Documentation.lnk.2.dr	LNK file: ..\..\..\..\..\..\Program Files\PerformanceTest\PerformanceTest_Help.exe
Source: PerformanceTest.lnk0.2.dr	LNK file: ..\..\..\Program Files\PerformanceTest\PerformanceTest64.exe
Source: Uninstall PerformanceTest.lnk.2.dr	LNK file: ..\..\..\..\..\..\Program Files\PerformanceTest\unins000.exe

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Window found: window name: TSelectLanguageForm

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: OK
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Install
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Automated click: I accept the agreement
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Automated click: Continue

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

File opened: C:\Windows\SysWOW64\MSFTEDIT.DLL

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Window detected: License AgreementPlease read the following important information before continuing.Please read the following License Agreement. You must accept the terms of this agreement before continuing with the installation.PassMark Software Pty Ltd (PassMark)End User License Agreement (EULA)IMPORTANT! PLEASE READ THE FOLLOWING TERMS AND CONDITIONS.YOU THE INSTALLER OF THIS SOFTWARE AGREE THAT ALL OF THE TERMS AND CONDITIONS DESCRIBED BELOW APPLY TO YOU AND ANYONE ELSE WHO USES THIS SOFTWARE IF EITHER;YOU CLICK THE ACCEPT BUTTON OR YOU COPY INSTALL OR USE THIS COPY OF PASSMARK SOFTWARE OR YOU PERMIT OR ENABLE OTHERS TO COPY INSTALL OR USE THIS PASSMARK SOFTWARE.IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS AND CONDITIONS DESCRIBED BELOW PLEASE TERMINATE INSTALLATION IMMEDIATELY AND DO NOT USE THIS SOFTWARE.SOFTWARE COVERED BY THIS LICENCEThis license agreement (Agreement) applies only to the version of the software package PerformanceTest V11 with which this Agreement is included. Different license terms may apply to other software packages from PassMark and license terms for later versions of PerformanceTest may also be changed.TITLEPassMark or its licensors own the PerformanceTest software package including all materials included with the package. PassMark owns the names and marks of PassMark PerformanceTest under copyright trademark and intellectual property laws and all other applicable laws.TERMINATIONThis license will terminate automatically if you fail to comply with any of the terms and conditions limitations and obligations described herein. On termination you must destroy all copies of the PassMark package and all other materials downloaded as part of the package.Trial VersionIf you are using a trial version of PerformanceTest then you must uninstall the software after the trial period of thirty (30) days has elapsed.DISCLAIMER OF WARRANTYPassMark disclaims any and all warranties express or implied including any implied warranties as to merchantability or fitness for a particular purpose. You acknowledge and agree that you had full opportunity to test PerformanceTest before any live public or production use that you assume full responsibility for selecting and using PerformanceTest and any files that may created through the use of PerformanceTest and that if you use PerformanceTest improperly or against instructions you can cause damage to your files software data or business. The entire risk as to quality and performance of PerformanceTest is borne by you. This disclaimer of warranty constitutes an essential part of the agreement. Some jurisdictions do allow exclusions of an implied warranty so this disclaimer may not apply to you and you may have other legal rights that vary by jurisdiction.LIMITATION OF LIABILITYIn no event shall PassMark its officers employees affiliates contractors subsidiaries or parent organizations be liable for any incidental consequential or punitive damages whatsoever relating to the use of PerformanceTest f
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Window detected: License AgreementPlease read the following important information before continuing.Please read the following License Agreement. You must accept the terms of this agreement before continuing with the installation.PassMark Software Pty Ltd (PassMark)End User License Agreement (EULA)IMPORTANT! PLEASE READ THE FOLLOWING TERMS AND CONDITIONS.YOU THE INSTALLER OF THIS SOFTWARE AGREE THAT ALL OF THE TERMS AND CONDITIONS DESCRIBED BELOW APPLY TO YOU AND ANYONE ELSE WHO USES THIS SOFTWARE IF EITHER;YOU CLICK THE ACCEPT BUTTON OR YOU COPY INSTALL OR USE THIS COPY OF PASSMARK SOFTWARE OR YOU PERMIT OR ENABLE OTHERS TO COPY INSTALL OR USE THIS PASSMARK SOFTWARE.IF YOU DO NOT AGREE TO BE BOUND BY THE TERMS AND CONDITIONS DESCRIBED BELOW PLEASE TERMINATE INSTALLATION IMMEDIATELY AND DO NOT USE THIS SOFTWARE.SOFTWARE COVERED BY THIS LICENCEThis license agreement (Agreement) applies only to the version of the software package PerformanceTest V11 with which this Agreement is included. Different license terms may apply to other software packages from PassMark and license terms for later versions of PerformanceTest may also be changed.TITLEPassMark or its licensors own the PerformanceTest software package including all materials included with the package. PassMark owns the names and marks of PassMark PerformanceTest under copyright trademark and intellectual property laws and all other applicable laws.TERMINATIONThis license will terminate automatically if you fail to comply with any of the terms and conditions limitations and obligations described herein. On termination you must destroy all copies of the PassMark package and all other materials downloaded as part of the package.Trial VersionIf you are using a trial version of PerformanceTest then you must uninstall the software after the trial period of thirty (30) days has elapsed.DISCLAIMER OF WARRANTYPassMark disclaims any and all warranties express or implied including any implied warranties as to merchantability or fitness for a particular purpose. You acknowledge and agree that you had full opportunity to test PerformanceTest before any live public or production use that you assume full responsibility for selecting and using PerformanceTest and any files that may created through the use of PerformanceTest and that if you use PerformanceTest improperly or against instructions you can cause damage to your files software data or business. The entire risk as to quality and performance of PerformanceTest is borne by you. This disclaimer of warranty constitutes an essential part of the agreement. Some jurisdictions do allow exclusions of an implied warranty so this disclaimer may not apply to you and you may have other legal rights that vary by jurisdiction.LIMITATION OF LIABILITYIn no event shall PassMark its officers employees affiliates contractors subsidiaries or parent organizations be liable for any incidental consequential or punitive damages whatsoever relating to the use of PerformanceTest f

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

Window detected: Number of UI elements: 19

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\unins000.dat	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-7N7GA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-R957H.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6CSRR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JQA2K.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GC7AO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-3U9IO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0QCMU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GJRP5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-T9C6F.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-SDVKA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-NLFHM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-8DGTT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-63OP6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FFCOU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-UMOBR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CQ0FJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-4FNSM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-TPV1C.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KC594.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JQP10.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JVAEM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BTJ2D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CHTH9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BSMOR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BHLGV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FFQ4P.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-PKFG3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-71PHT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-C3G98.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5U057.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3BELA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B7QQU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-7GI1A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5KHKG.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2THKK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-SS3MK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BM06S.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3B1NB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3TG5S.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1C2RQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-55SBN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D5G6G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HG14O.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-V32L6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KRI5I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-4QFEO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-VAOH0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-84V1G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-S15E6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-AEAGR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5S5ED.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-5LRJH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-AM03A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HJB1G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-HCG4N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-0UPI0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3606N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1UV9G.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B7NVL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-FVDNM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-F25U4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D405I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-D0HEV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-ISMJA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-8A1JA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-B1N6E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-KS46E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-NSI7L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2M1K0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-MO4GU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-QN8TQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-2UKBF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-8J0HV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-CH4TN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-DK7GQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-V1S9E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-6UJ2U.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-JENPJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-91KV6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-67B0D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-BKM0M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-3E55A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-PAHCN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-M1P32.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\SpaceBattle\is-1TS8U.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-1G3LJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-EV615.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-E2CO5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0ESTF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JLUJ7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-87387.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-TIFQF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-49140.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-M3RQT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0BUHL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-EA5ON.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-SBI69.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-2O1TD.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Skybox\is-SDGH8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures\is-1K1LM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Structures\is-H67I4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-56TVG.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-KEIUN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-TDS83.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-RSKP6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Terrain\is-SC9PU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Transparency	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\Transparency\is-1AULR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI\is-EM9QN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\misc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\misc\is-8ANHA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\Media\UI\is-J1HPE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect\is-U69MC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\models\FaceDetect\is-ENGC9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\is-5Q5K5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-18QUP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-L4541.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-0UTFI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-HOQVI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-FT8UM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-MOR6I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-6HSBA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-G07L6.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-VO41T.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-43D9O.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-DFBQ7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-BTTQR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-TQV57.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-Q0HTB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-8EKB4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-6CVQ9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-METPC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-M6IL2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-5AU0N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Cobie Smulders\is-RGE17.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-08Q33.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-KQA8L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-VC6HO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-JUL1E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-12AR5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ED2JT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ISN90.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-TDRGL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-LO9E9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-5JIMI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-VRR56.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-DHG8L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-ETNT7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-S5SKB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-GTKP3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-QOO75.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-RK6SO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-EOBL0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-47KBE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_drake\is-UTSDU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-3ORLK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-UTI4A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RQDN0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-UMO2N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RMM4I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-R17I1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-2OEAH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-PM6F9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-2DMQB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-RC6HR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-SPJ8N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-EEH1B.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-3V4RM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-K1ARJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-TRV8D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-64TAM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-1EK1B.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-33FAV.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-F1GK9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Jason Momoa\is-35R11.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-88AO3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-AKBVN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-EANB3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-MAHU5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-9S80M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DSJTK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-UUAVK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-5VFVP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DU9FR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-HCJCE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-7E0OJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-QRN7M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-VRHEB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-56DNS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-381GP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-DPBRJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-1KCOT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-90RFM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-L5VMT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Kumail Nanjiani\is-PV259.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-LBP09.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-1J87L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-G8DDO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-VACIF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-MRA99.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-UQGNH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-KFIC2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-8B9KU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-6SHCI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-Q70R1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-511SH.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-F0I2D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-HN1MU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-T3HHT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-5AGU0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-456KL.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-23N95.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-656VU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-IHC35.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Pedro Alonso\is-4UU9D.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-QKSNU.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-DKECS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MVDIO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-HTK2E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MJHC2.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-FUS4E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-SSJ7I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-2RL5F.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-S1F28.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-E29MC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-E5KGA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-RFES8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-GGGB8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-R0JMF.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MFOFP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-BTSKJ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-9UMBR.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-MCNSE.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-59BSM.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dataset\FaceDetect\pins-face-recognition\pins_Ryan Reynolds\is-GTM05.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-T7ESP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-R0J42.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-L7N1Q.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-ERSKP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-JPQAP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HBVD3.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6HJTS.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-BHAC4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-Q3HMK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-TCHR8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-1N43L.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HOV41.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-01CL1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-6UOM9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-066PT.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-INEU5.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-D47EO.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-4NP9V.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-0CERA.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-03G0A.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-HR90I.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-OOE62.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-ILOMN.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-2V8K8.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-7J8R7.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-M94U9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-KO0EQ.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-QIT7M.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-OQL3E.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-GESAC.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-ORNQB.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-MNUCD.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-IQOI0.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-P9264.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\css\is-UHS43.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-95MO4.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-AM0JK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-08HH9.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-A6CAP.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-HEP4K.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-6R392.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-8FGFI.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-GVV16.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-EVEFK.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-6T573.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\dll_x64\is-LAE8N.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-MSOE1.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\is-C0649.tmp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Directory created: C:\Program Files\PerformanceTest\unins000.msg	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PerformanceTest 11_is1

Jump to behavior

Source: petst.exe

Static PE information: certificate valid

Source: petst.exe

Static file information: File size 83004160 > 1048576

Source: petst.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: E:\opencv-build\bin\Release\opencv_imgproc460.pdb source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\PerformanceTest\_Build\Release\debug64\PerformanceTest\PerformanceTest64.pdb source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: d3d11ref.pdb"; source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: d3d11ref.pdb source: petst.tmp, 00000002.00000003.44920361218.0000000005B90000.00000004.00001000.00020000.00000000.sdmp

Source: is-8DGTT.tmp.2.dr

Static PE information: 0xB2BF685C [Sun Jan 11 08:35:40 2065 UTC]

Source: petst.exe	Static PE information: section name: .didata
Source: petst.tmp.0.dr	Static PE information: section name: .didata
Source: is-T9C6F.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-8DGTT.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-63OP6.tmp.2.dr	Static PE information: section name: .didat
Source: is-63OP6.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-7N7GA.tmp.2.dr	Static PE information: section name: .didata
Source: is-R957H.tmp.2.dr	Static PE information: section name: .dummy1
Source: is-R957H.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-R957H.tmp.2.dr	Static PE information: section name: .vlizer
Source: is-6CSRR.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-JQA2K.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-GC7AO.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-0QCMU.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-GJRP5.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-D47EO.tmp.2.dr	Static PE information: section name: .00cfg
Source: is-4NP9V.tmp.2.dr	Static PE information: section name: .00cfg
Source: is-0CERA.tmp.2.dr	Static PE information: section name: .xdata
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /4
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /19
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /31
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /45
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /57
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /70
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /81
Source: is-0CERA.tmp.2.dr	Static PE information: section name: /92
Source: is-03G0A.tmp.2.dr	Static PE information: section name: .xdata
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /4
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /19
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /31
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /45
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /57
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /70
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /81
Source: is-03G0A.tmp.2.dr	Static PE information: section name: /92
Source: is-ILOMN.tmp.2.dr	Static PE information: section name: .00cfg
Source: is-2V8K8.tmp.2.dr	Static PE information: section name: .00cfg
Source: is-7J8R7.tmp.2.dr	Static PE information: section name: .xdata
Source: is-M94U9.tmp.2.dr	Static PE information: section name: .didat
Source: is-GESAC.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-8FGFI.tmp.2.dr	Static PE information: section name: IPPCODE
Source: is-8FGFI.tmp.2.dr	Static PE information: section name: IPPDATA
Source: is-8FGFI.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-GVV16.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-6T573.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-LAE8N.tmp.2.dr	Static PE information: section name: IPPCODE
Source: is-LAE8N.tmp.2.dr	Static PE information: section name: IPPDATA
Source: is-LAE8N.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-MSOE1.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-0ESTF.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-87387.tmp.2.dr	Static PE information: section name: _RDATA
Source: is-49140.tmp.2.dr	Static PE information: section name: _RDATA

Source: is-R957H.tmp.2.dr

Static PE information: section name: .dummy1 entropy: 7.994320043285757

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libpq.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-OpenCV64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-EVEFK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-GC7AO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-6UOM9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-MSOE1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-HBVD3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-OQL3E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-03G0A.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\Mandel.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\glew64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-C0649.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-95MO4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-TCHR8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\d3dx10_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PerformanceTest64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-BulletPhysics64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\DirectIo64_legacy.sys (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\QJulia4D.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-01CL1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-LAE8N.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-0QCMU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-M94U9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-HR90I.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-D3D11Test.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-A6CAP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-Q3HMK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-R957H.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-SDVKA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\clpeak64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-3U9IO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\unins000.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-HOV41.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\opencv_imgcodecs460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-HEP4K.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PerformanceTest_Help.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\d3dx9_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-7N7GA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\ze_loader.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-T7ESP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-D47EO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libssl-3-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-4NP9V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-7J8R7.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-T9C6F.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\glut32.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-JPQAP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-2V8K8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\opencv_core460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\opencv_highgui460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-NLFHM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-6R392.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libiconv-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\opencv_dnn460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-8DGTT.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-InternetSpeedTest.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\D3DCompiler_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-DatabaseTest64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-1N43L.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-ILOMN.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-BHAC4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dstoragecore.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-GESAC.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\MSVCP140.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-GJRP5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-TIFQF.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-08HH9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-6HJTS.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\amd_ags_x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libcrypto-3-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\opencv_imgproc460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\glew32.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-DBBenchmark64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-8FGFI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\Fluid3D.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libintl-9.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-63OP6.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-87387.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\d3dx11_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-AM0JK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-6CSRR.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\DirectIo64.sys (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\freeglut.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\vcruntime140_1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\D3DCompiler_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\Desktop\petst.exe	File created: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-JLUJ7.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-6T573.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\d3dx11_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\d3dx10_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dstorage.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\freeglut.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-NBodyGravity.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-49140.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-066PT.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-D3D12Test64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-OOE62.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\d3dx9_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libmysql.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libcrypto-1_1-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\libssl-1_1-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-EV615.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\vcruntime140.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-CPUTest64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-E2CO5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-0ESTF.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-JQA2K.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\PT-PDFTest.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\dll_x64\is-GVV16.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\d3d11ref.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\is-0CERA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\oclParticles.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\Program Files\PerformanceTest\amd_ags_x86.dll (copy)	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest\PerformanceTest.lnk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest\PerformanceTest Documentation.lnk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest\Uninstall PerformanceTest.lnk	Jump to behavior

Source: C:\Users\user\Desktop\petst.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Queries memory information (via WMI often done to detect virtual machines)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PhysicalMemory

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_DiskDrive
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive

Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_NetworkAdapter
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_NetworkAdapterConfiguration WHERE MacAddress = "D0:50:99:DB:23:98"
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_NetworkAdapterConfiguration WHERE MacAddress = "D0:50:99:DB:23:97"

Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PhysicalMemory

Queries sensitive port information (via WMI, Win32_SerialPort, often done to detect virtual machines)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_SerialPort
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_ParallelPort

Query firmware table information (likely to detect VMs)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

System information queried: FirmwareTableInformation

Jump to behavior

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

Registry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0001 name: DriverDesc

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libpq.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-OpenCV64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-EVEFK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-GC7AO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-6UOM9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-MSOE1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-HBVD3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-OQL3E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-03G0A.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\Mandel.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\glew64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-C0649.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-95MO4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\d3dx10_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-TCHR8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-BulletPhysics64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\DirectIo64_legacy.sys (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\QJulia4D.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-01CL1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-LAE8N.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-0QCMU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-M94U9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-HR90I.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-D3D11Test.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-A6CAP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-Q3HMK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-SDVKA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\clpeak64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-3U9IO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-HOV41.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\opencv_imgcodecs460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-HEP4K.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PerformanceTest_Help.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-T7ESP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-D47EO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libssl-3-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-4NP9V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-7J8R7.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-T9C6F.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\glut32.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-JPQAP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-2V8K8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\opencv_core460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\opencv_highgui460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-NLFHM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-6R392.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libiconv-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\opencv_dnn460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-InternetSpeedTest.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-8DGTT.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\D3DCompiler_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-DatabaseTest64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-1N43L.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-ILOMN.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dstoragecore.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-BHAC4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-GESAC.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\MSVCP140.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-TIFQF.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-GJRP5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-08HH9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-6HJTS.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\amd_ags_x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libcrypto-3-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\opencv_imgproc460.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\glew32.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-DBBenchmark64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\Fluid3D.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-8FGFI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libintl-9.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-63OP6.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-87387.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\d3dx11_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-AM0JK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\DirectIo64.sys (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-6CSRR.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\vcruntime140_1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\freeglut.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\D3DCompiler_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-JLUJ7.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\d3dx11_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-6T573.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\d3dx10_43.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\freeglut.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dstorage.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-NBodyGravity.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-49140.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-066PT.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-D3D12Test64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-OOE62.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libmysql.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libcrypto-1_1-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\libssl-1_1-x64.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-EV615.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\vcruntime140.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-CPUTest64.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-E2CO5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-0ESTF.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-JQA2K.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\PT-PDFTest.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\d3d11ref.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\dll_x64\is-GVV16.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\is-0CERA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\oclParticles.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Dropped PE file which has not been started: C:\Program Files\PerformanceTest\amd_ags_x86.dll (copy)	Jump to dropped file

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

File opened: PhysicalDrive0

Jump to behavior

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_BaseBoard
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_BIOS
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_BaseBoard

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_ComputerSystem

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	File Volume queried: C:\ FullSizeInformation			Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	File Volume queried: C:\ FullSizeInformation			Jump to behavior

Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware VMFS
Source: PerformanceTest64.exe, 00000006.00000000.44907833301.00000001443EA000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: NVmci
Source: PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware VMKCORE
Source: PerformanceTest64.exe, 00000006.00000003.44951858663.0000000002D91000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ROOT\VMWARE\0001

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Tries to detect sandboxes and other dynamic analysis tools (window names)

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe

Open window title or class name: ollydbg

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp

Process created: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp helper 105 0x4D8

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp

Code function: 3_2_0000000140001000 GetNamedSecurityInfoW,AllocateAndInitializeSid,SetEntriesInAclW,SetNamedSecurityInfoW,LocalFree,FreeSid,LocalFree,GetLastError,

Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior

Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior
Source: C:\Program Files\PerformanceTest\PerformanceTest64.exe	Device IO: \Device\Harddisk0\DR0	Jump to behavior

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	62 Windows Management Instrumentation	1 Windows Service	1 Windows Service	3 Masquerading	OS Credential Dumping	831 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	2 Command and Scripting Interpreter	1 Registry Run Keys / Startup Folder	11 Process Injection	63 Virtualization/Sandbox Evasion	LSASS Memory	63 Virtualization/Sandbox Evasion	Remote Desktop Protocol	Data from Removable Media	1 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 Native API	1 DLL Side-Loading	1 Registry Run Keys / Startup Folder	11 Process Injection	Security Account Manager	1 Process Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	1 DLL Side-Loading	1 Obfuscated Files or Information	NTDS	2 System Owner/User Discovery	Distributed Component Object Model	Input Capture	3 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	2 Software Packing	LSA Secrets	1 File and Directory Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Timestomp	Cached Domain Credentials	242 System Information Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	Remote System Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery

Source	Detection	Scanner
C:\Program Files\PerformanceTest\D3DCompiler_43.dll (copy)	3%	ReversingLabs
C:\Program Files\PerformanceTest\DirectIo64.sys (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\DirectIo64_legacy.sys (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\Fluid3D.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\MSVCP140.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-BulletPhysics64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-CPUTest64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-D3D11Test.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-DBBenchmark64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-DatabaseTest64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-InternetSpeedTest.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-OpenCV64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\PT-PDFTest.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\QJulia4D.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\amd_ags_x64.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\amd_ags_x86.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\clpeak64.exe (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\d3d11ref.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\d3dx10_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\d3dx11_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\d3dx9_43.dll (copy)	3%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\D3DCompiler_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\d3dx10_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\d3dx11_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\d3dx9_43.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\freeglut.dll (copy)	2%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\glew64.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-08HH9.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-6R392.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-6T573.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-8FGFI.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-95MO4.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-A6CAP.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-AM0JK.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-EVEFK.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-GVV16.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-HEP4K.tmp	2%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\is-LAE8N.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\opencv_core460.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\opencv_dnn460.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\opencv_highgui460.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\opencv_imgcodecs460.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dll_x64\opencv_imgproc460.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dstorage.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\dstoragecore.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\freeglut.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\glew32.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\glut32.dll (copy)	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-01CL1.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-03G0A.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-066PT.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-0CERA.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-0ESTF.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-1N43L.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-2V8K8.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-3U9IO.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-49140.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-4NP9V.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-63OP6.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-6CSRR.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-6HJTS.tmp	3%	ReversingLabs
C:\Program Files\PerformanceTest\is-6UOM9.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-7J8R7.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-7N7GA.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-87387.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-8DGTT.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-BHAC4.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-C0649.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-D47EO.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-E2CO5.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-GC7AO.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-GESAC.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-GJRP5.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-HBVD3.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-HOV41.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-HR90I.tmp	0%	ReversingLabs
C:\Program Files\PerformanceTest\is-ILOMN.tmp	0%	ReversingLabs

Name	IP	Active	Malicious	Antivirus Detection	Reputation
passmark.com	216.146.212.71	true	false		unknown
www.passmark.com	unknown	unknown	false		unknown

Name	Malicious	Reputation
https://www.passmark.com/baselines/V10/modelList.php?key=TRIAL_DAY0&type=hdd	false	unknown
https://www.passmark.com/baselines/V10/modelList.php?key=TRIAL_DAY0&type=gpu	false	unknown
https://www.passmark.com/baselines/V10/modelList.php?key=TRIAL_DAY0&type=cpu	false	unknown
https://www.passmark.com/baselines/V10/modelList.php?key=TRIAL_DAY0&type=ram	false	unknown

Name	Source	Malicious	Reputation
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU	petst.exe, 00000000.00000000.44364781501.0000000000401000.00000020.00000001.01000000.00000003.sdmp	false	unknown
https://www.passmark.com/baselines/V11/generate_histdata.php	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/sales	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
http://ocsp.sectigo.com0	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
http://openclipart.org/detail/140179/mustang-500gt-by-rents	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/jF	PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.cpubenchmark.net;	PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://sozi.baierouge.fr	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.comq	PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/manage_services.phphttps://www.passmark.com/mybaselines/ADV_DBBENCHMARK_RES	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://openclipart.org/	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://http://HTTP/1.0HttpSendRequestThread	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://openclipart.org/detail/188361/a-10-thunderbolt-by-charner1963-188361	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V10/modelList.php	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/~	PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://creativecommons.org/ns#DerivativeWorks	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V11/display.php?id=%d%05d6#%lld.ptx8open1Copyhttps://www.passmark	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/checkversion/keytoapi.phpa=%shttps://www.passmark.com/checkversion/validate	PerformanceTest64.exe, 00000006.00000003.44940996317.0000000002B95000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44906865086.000000014055C000.00000002.00000001.01000000.00000008.sdmp	false	unknown
http://creativecommons.org/ns#Distribution	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/	PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44924981661.0000000002263000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp, PerformanceTest64.exe, 00000006.00000003.44925702619.000000000226B000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/AhI	petst.exe, 00000000.00000003.44933747576.0000000002496000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.remobjects.com/ps	petst.exe, 00000000.00000003.44367667503.000000007FB7B000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000000.44370223318.0000000000401000.00000020.00000001.01000000.00000004.sdmp	false	unknown
https://www.innosetup.com/	petst.exe, 00000000.00000003.44367667503.000000007FB7B000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000000.44370223318.0000000000401000.00000020.00000001.01000000.00000004.sdmp	false	unknown
https://www.passmark.com/newuser.phphttps://www.passmark.com/manage_services.phphttps://www.passmark	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support	PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/salesz	PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/b	PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V11/upload.php%d%05duserFile=&DEBUG&apikey=DebugLogSuccessDEBUG:	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselinesyCould	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/support/XE	PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V10/archive/%s%d/%d%S.ziphttps://www.passmark.com/baselines/V9/ar	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V11/display.php?id=	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://sectigo.com/CPS0	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/T	PerformanceTest64.exe, 00000006.00000003.44934144215.000000000064C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44931596526.0000000000633000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44929614931.0000000000600000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930463816.0000000000606000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44930631441.0000000000623000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.cpubenchmark.netz	PerformanceTest64.exe, 00000006.00000003.44925786973.000000000232E000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920045860.0000000002312000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V10/upload-v1031000.php%s	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/lF	PerformanceTest64.exe, 00000006.00000003.44924228344.0000000002289000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922223379.0000000002262000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
http://creativecommons.org/licenses/publicdomain/	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/salesY	PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/https://www.passmark.com/openResultsResultsTemperatureResultsTemperatureRes	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines/V11/generate_histdata.php&chartType=&modelId=cacheServerTimeout	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/keyhelp.htm	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/salesordering.htmhttps://www.passmark.com/support/keyhelp.htmopenNo	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/	petst.exe, 00000000.00000003.44365337848.0000000002950000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp, petst.tmp, 00000002.00000003.44372501121.0000000002DA0000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselines5	PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://creativecommons.org/ns#	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/salesJ	PerformanceTest64.exe, 00000006.00000003.44922047096.000000000063C000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920179311.0000000000601000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44923262705.0000000000645000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.cpubenchmark.netPA	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/baselines	PerformanceTest64.exe, 00000006.00000003.44922138250.0000000000643000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.passmark.com/padfiles/petst.xml	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.cpubenchmark.netopenhttps://www.passmark.com/baselinesPerformanceTest%0.1fthstndrdth%d%s	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/openDebug:	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://opencv.org/D	petst.tmp, 00000002.00000003.44920361218.0000000005F79000.00000004.00001000.00020000.00000000.sdmp	false	unknown
http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/mybaselines/openhttps://www.passmark.com/mybaselines/https://www.passmark.c	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.cpubenchmark.net_	PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z	petst.exe, 00000000.00000003.44367667503.000000007FE2F000.00000004.00001000.00020000.00000000.sdmp, petst.exe, 00000000.00000003.44366193671.0000000002A22000.00000004.00001000.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselinessts:_	PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/baselinescorrect	PerformanceTest64.exe, 00000006.00000003.44931363172.0000000002440000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/sales/upgradeopenArialx:	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://creativecommons.org/ns#Reproduction	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/sales/upgrade	PerformanceTest64.exe, 00000006.00000000.44907833301.0000000142F3F000.00000002.00000001.01000000.00000008.sdmp	false	unknown
https://www.cpubenchmark.net	PerformanceTest64.exe, 00000006.00000003.44935228125.0000000002352000.00000004.00000020.00020000.00000000.sdmp, PerformanceTest64.exe, 00000006.00000003.44920045860.0000000002312000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/support/keyhelp.htmNoise	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown
http://www.inkscape.org/namespaces/inkscape	PerformanceTest64.exe, 00000006.00000003.44940996317.00000000033EE000.00000004.00000020.00020000.00000000.sdmp	false	unknown
https://www.passmark.com/checkversion/index.phpa=%d&v=%d&k=%sresult=trueIBLK	PerformanceTest64.exe, 00000006.00000003.44940996317.000000000310E000.00000004.00000020.00020000.00000000.sdmp	false	unknown

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1524335
Start date and time:	2024-10-02 17:46:44 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 13m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
Run name:	Suspected VM Detection
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	petst.exe
Detection:	SUS
Classification:	sus38.spyw.evad.winEXE@8/681@1/1
EGA Information:	Successful, ratio: 100%
HCA Information:	Successful, ratio: 88% Number of executed functions: 3 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
PAIR-NETWORKSUS	http://www.thailand-villas.com/img/destinations/tw/	Get hash	malicious	Unknown	Browse	216.92.148.24
	https://www.gbt-inc.com/	Get hash	malicious	Unknown	Browse	65.181.135.198
	firmware.armv4l.elf	Get hash	malicious	Unknown	Browse	66.39.106.222
	arm7.elf	Get hash	malicious	Mirai	Browse	216.93.93.67
	Yg4Sqy06Al.exe	Get hash	malicious	FormBook	Browse	65.181.132.188
	mirai.arm7.elf	Get hash	malicious	Mirai	Browse	65.181.178.8
	OPEN BALANCE.exe	Get hash	malicious	FormBook	Browse	65.181.134.177
	file.exe	Get hash	malicious	FormBook, PureLog Stealer	Browse	65.181.132.188
	statment-document.scr.exe	Get hash	malicious	FormBook, PureLog Stealer	Browse	216.92.3.120
	https://softworldinc.wpengine.com	Get hash	malicious	Unknown	Browse	216.92.222.31

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
37f463bf4616ecd445d4a1937da06e19	66fb252fe232b_Patksl.exe	Get hash	malicious	LummaC, PrivateLoader, Stealc, Vidar	Browse	216.146.212.71
	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	216.146.212.71
	lFsYXvJPWw.exe	Get hash	malicious	XRed	Browse	216.146.212.71
	file.exe	Get hash	malicious	LummaC, PrivateLoader, Stealc, Vidar	Browse	216.146.212.71
	563299efce875400a8d9b44b96597c8e-sample (1).zip	Get hash	malicious	Unknown	Browse	216.146.212.71
	file.exe	Get hash	malicious	LummaC, PrivateLoader, Stealc, Vidar	Browse	216.146.212.71
	PERMINTAAN ANGGARAN (Universitas IPB) ID177888#U00b7pdf.vbs	Get hash	malicious	GuLoader, Lokibot	Browse	216.146.212.71
	AMG Cargo Logistic.docx	Get hash	malicious	Unknown	Browse	216.146.212.71
	Cn3E2Kp2LP.exe	Get hash	malicious	CobaltStrike	Browse	216.146.212.71
	Cn3E2Kp2LP.exe	Get hash	malicious	CobaltStrike	Browse	216.146.212.71

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Program Files\PerformanceTest\D3DCompiler_43.dll (copy)	SecuriteInfo.com.Win32.Trojan-Downloader.Generic.XVN7C1.21480.14818.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.Win32.Trojan-Downloader.Generic.XVN7C1.21480.14818.exe	Get hash	malicious	Unknown	Browse
	HDKuOe.exe	Get hash	malicious	Unknown	Browse
	HDKuOe.exe	Get hash	malicious	Unknown	Browse
	#U7968#U6613#U901a#U7edf#U4e00#U5ba2#U6237#U7aef_5.6.6.0513.exe	Get hash	malicious	Unknown	Browse
	LisectAVT_2403002A_314.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.FileRepPup.20032.2399.exe	Get hash	malicious	Unknown	Browse
	file.exe	Get hash	malicious	LummaC, SmokeLoader	Browse
	file.exe	Get hash	malicious	SmokeLoader	Browse
	file.exe	Get hash	malicious	LummaC, SmokeLoader	Browse

Process:	C:\Users\user\AppData\Local\Temp\is-8M1N8.tmp\petst.tmp
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	9503
Entropy (8bit):	4.817152255534874
Encrypted:	false
SSDEEP:	192:YdsIAUalucu/855IAUaXCuNgu+eByIAUaJavkOKRB2IAUaUjuKB:YdsIAUalucu/K5IAUaXCuNgu+eByIAUG
MD5:	6789508AEDA31B044EA3C726D58E159A
SHA1:	0F9B23610EAE435EE785C0302424CE346CDA1CEE
SHA-256:	8199C235AE6003EF5FF7F8D32709B6E4A44ACBBA187D7B3F3F45981A1E1635A7
SHA-512:	D012DB35E8594B6F6383F5FF2C2ABA5FDC228FB616FF99C972025F8E80D31707F93A2FA8B836C56E71075A146C603FD9AF6FBFAC7EBBF0B2BF479D43AC3341AC
Malicious:	false
Reputation:	low
Preview:	/.. Copyright 1993-2010 NVIDIA Corporation. All rights reserved... .. Please refer to the NVIDIA end user license agreement (EULA) associated.. * with this source code for terms and conditions that govern your use of.. * this software. Any use, reproduction, disclosure, or distribution of.. * this software and related documentation outside the terms of the EULA.. * is strictly prohibited... .. /....#define LOCAL_SIZE_LIMIT 512U....inline void ComparatorPrivate(.. uint keyA,.. uint valA,.. uint keyB,.. uint valB,.. uint dir..){.. if( (keyA > keyB) == dir ){.. uint t;.. t = keyA; keyA = keyB; keyB = t;.. t = valA; valA = valB; valB = t;.. }..}....inline void ComparatorLocal(.. __local uint keyA,.. __local uint valA,.. __local uint keyB,.. __local uint valB,.. uint dir..){.. if( (keyA > keyB) == dir ){.. uint t;.. t = keyA; keyA = keyB; keyB = t;.. t = valA; valA = valB; v

Process:	C:\Program Files\PerformanceTest\PerformanceTest64.exe
File Type:	CSV text
Category:	dropped
Size (bytes):	959396
Entropy (8bit):	5.121578800944886
Encrypted:	false
SSDEEP:
MD5:	E719EE0E1BA26E83958F5F855845F596
SHA1:	351E8436850AE436252AE42A57A8298EBFA05C18
SHA-256:	3012FFE83633B02D51BEEEBD24C268AB08685DF00C2BD035E407616AF367B79B
SHA-512:	BC7C36EA06DDE595FCD2D406C0BEBF8ABF82940E226700689926B6ED5AB0A72E3C05C5B4F657C591712F59B76F72841335B00FE59991D357E74C389489FB8C2B
Malicious:	false
Preview:	"AMD Ryzen 5 3600 6-Core Processor",3481,"AMD Ryzen 5 3600",AuthenticAMD,23,113,,,AM4,3600,4200,6,2,65,1,1561528800."AMD Ryzen 5 5600X 6-Core Processor",3859,"AMD Ryzen 5 5600X",AuthenticAMD,25,33,,,AM4,3700,4600,6,2,65,1,1603173600."AMD Ryzen 9 5900X 12-Core Processor",3870,"AMD Ryzen 9 5900X",AuthenticAMD,25,33,,,AM4,3700,4800,12,2,105,1,1604646000."AMD Ryzen 7 5800X 8-Core Processor",3869,"AMD Ryzen 7 5800X",AuthenticAMD,25,33,,,AM4,3800,4700,8,2,105,1,1604559600."AMD Ryzen 7 3700X 8-Core Processor",3485,"AMD Ryzen 7 3700X",AuthenticAMD,23,113,,,AM4,3600,4400,8,2,65,1,1561960800."AMD Ryzen 9 5950X 16-Core Processor",3862,"AMD Ryzen 9 5950X",AuthenticAMD,25,33,,,AM4,3400,4900,16,2,105,1,1603605600."AMD Ryzen 9 3900X 12-Core Processor",3493,"AMD Ryzen 9 3900X",AuthenticAMD,23,113,,,AM4,3800,4600,12,2,105,1,1562479200."AMD Ryzen 5 5600G with Radeon Graphics",4325,"AMD Ryzen 5 5600G",AuthenticAMD,25,80,,,AM4,3900,4400,6,2,65,1,1620194400."AMD Ryzen 7 7800X3D 8-Core Processor",5299,"AMD

Process:	C:\Users\user\Desktop\petst.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	3066664
Entropy (8bit):	6.42514483922237
Encrypted:	false
SSDEEP:
MD5:	AB942603C465178E12D15C75401CD965
SHA1:	DE3ECE0B30ABB36B6BB7B1704607BE60F55C22CA
SHA-256:	44E243948D08EFF80E8CC089DEEDDE42CAD2740377DA10AC05E40704C84A09A6
SHA-512:	99188B0A8101A524FB68158D6D901A6F1EA764D289EE2F75B1228C8E8BAFFE7DC9E6A7CDB19083890E8F3A7DA726299A0820EFB3031101E7F50CE00FFF55A249
Malicious:	false
Preview:	MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L...et~f.......................................@..........................p/......./...@......@...................P,.n.....,.j:....,.................(+...................................p,.......................,......@,.(....................text............................. ..`.itext..$.......0................. ..`.data................*.............@....bss.....\|....+..........................idata..j:....,..<...f+.............@....didata.(....@,.......+.............@....edata..n....P,.......+.............@..@.tls....X....`,..........................rdata..]....p,.......+.............@..@.rsrc.........,.......+.............@..@.............`0......./.............@..@........................................................

Entrypoint:	0x4a83bc
Entrypoint Section:	.itext
Digitally signed:	true
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x667E7465 [Fri Jun 28 08:29:25 2024 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	1
File Version Major:	6
File Version Minor:	1
Subsystem Version Major:	6
Subsystem Version Minor:	1
Import Hash:	40ab50289f7ef5fae60801f88d4541fc

Signature Valid:	true
Signature Issuer:	CN=Sectigo Public Code Signing CA EV R36, O=Sectigo Limited, C=GB
Signature Validation Error:	The operation completed successfully
Error Number:	0
Not Before, Not After	18/01/2024 01:00:00 18/01/2027 00:59:59
Subject Chain	CN=PassMark Software Pty Ltd, O=PassMark Software Pty Ltd, S=New South Wales, C=AU, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=AU, SERIALNUMBER=49 099 321 392
Version:	3
Thumbprint MD5:	4EE5D5A5EBA3452FAFF2CE1106FD1342
Thumbprint SHA-1:	D5F610256B2389222A83893D3360DAC4BD0ADC16
Thumbprint SHA-256:	44E351B70CE20EF3A95D0410E299DC31AAD27CE2698FF216C3738573DB6EA8C4
Serial:	00988B27911AF5C9AC0EBC4E3F1240DACD

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0xb7000	0x71	.edata
IMAGE_DIRECTORY_ENTRY_IMPORT	0xb5000	0xfec	.idata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0xba000	0x9498	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x4f25c08	0x2ef8
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0xb9000	0x18	.rdata
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0xb52d4	0x25c	.idata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0xb6000	0x1a4	.didata
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0xa568c	0xa5800	b889d302f6fc48a904de33d8d947ae80	False	0.3620185045317221	data	6.377190161826806	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.itext	0xa7000	0x1b64	0x1c00	588dd0a8ab499300d3701cbd11b017d9	False	0.548828125	data	6.109264411030635	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data	0xa9000	0x3838	0x3a00	5c0c76e77aef52ebc6702430837ccb6e	False	0.35338092672413796	data	4.95916338709992	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.bss	0xad000	0x7258	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata	0xb5000	0xfec	0x1000	627340dff539ef99048969aa4824fb2d	False	0.380615234375	data	5.020404933181373	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.didata	0xb6000	0x1a4	0x200	fd11c1109737963cc6cb7258063abfd6	False	0.34765625	data	2.729290535217263	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.edata	0xb7000	0x71	0x200	7de8ca0c7a61668a728fd3a88dc0942d	False	0.1796875	data	1.305578535725827	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls	0xb8000	0x18	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata	0xb9000	0x5d	0x200	d84006640084dc9f74a07c2ff9c7d656	False	0.189453125	data	1.3892750148744617	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc	0xba000	0x9498	0x9600	1584da664a97722e9955568f7d55b32b	False	0.39091145833333335	data	5.486635315680033	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_ICON	0xba5b8	0x668	Device independent bitmap graphic, 48 x 96 x 4, image size 1152, 16 important colors	English	United States	0.2969512195121951
RT_ICON	0xbac20	0x2e8	Device independent bitmap graphic, 32 x 64 x 4, image size 0	English	United States	0.4475806451612903
RT_ICON	0xbaf08	0x128	Device independent bitmap graphic, 16 x 32 x 4, image size 0	English	United States	0.5675675675675675
RT_ICON	0xbb030	0x12e0	PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced	English	United States	0.9809602649006622
RT_ICON	0xbc310	0xbfb	PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced	English	United States	0.9853276817737202
RT_ICON	0xbcf0c	0x1ca8	Device independent bitmap graphic, 48 x 96 x 24, image size 6912	English	United States	0.09187568157033806
RT_ICON	0xbebb4	0xca8	Device independent bitmap graphic, 32 x 64 x 24, image size 0	English	United States	0.1398148148148148
RT_ICON	0xbf85c	0x748	Device independent bitmap graphic, 24 x 48 x 24, image size 0	English	United States	0.1432403433476395
RT_ICON	0xbffa4	0x368	Device independent bitmap graphic, 16 x 32 x 24, image size 0	English	United States	0.21444954128440366
RT_STRING	0xc030c	0x3f8	data			0.3198818897637795
RT_STRING	0xc0704	0x2dc	data			0.36475409836065575
RT_STRING	0xc09e0	0x430	data			0.40578358208955223
RT_STRING	0xc0e10	0x44c	data			0.38636363636363635
RT_STRING	0xc125c	0x2d4	data			0.39226519337016574
RT_STRING	0xc1530	0xb8	data			0.6467391304347826
RT_STRING	0xc15e8	0x9c	data			0.6410256410256411
RT_STRING	0xc1684	0x374	data			0.4230769230769231
RT_STRING	0xc19f8	0x398	data			0.3358695652173913
RT_STRING	0xc1d90	0x368	data			0.3795871559633027
RT_STRING	0xc20f8	0x2a4	data			0.4275147928994083
RT_RCDATA	0xc239c	0x10	data			1.5
RT_RCDATA	0xc23ac	0x310	data			0.6173469387755102
RT_RCDATA	0xc26bc	0x2c	data			1.25
RT_GROUP_ICON	0xc26e8	0x84	data	English	United States	0.7272727272727273
RT_VERSION	0xc276c	0x584	data	English	United States	0.29745042492917845
RT_MANIFEST	0xc2cf0	0x7a8	XML 1.0 document, ASCII text, with CRLF line terminators	English	United States	0.3377551020408163

DLL	Import
kernel32.dll	GetACP, GetExitCodeProcess, CloseHandle, LocalFree, SizeofResource, VirtualProtect, QueryPerformanceFrequency, VirtualFree, GetFullPathNameW, GetProcessHeap, ExitProcess, HeapAlloc, GetCPInfoExW, RtlUnwind, GetCPInfo, GetStdHandle, GetModuleHandleW, FreeLibrary, HeapDestroy, ReadFile, CreateProcessW, GetLastError, GetModuleFileNameW, SetLastError, FindResourceW, CreateThread, CompareStringW, LoadLibraryA, ResetEvent, GetVolumeInformationW, GetVersion, GetDriveTypeW, RaiseException, FormatMessageW, SwitchToThread, GetExitCodeThread, GetCurrentThread, LoadLibraryExW, LockResource, GetCurrentThreadId, UnhandledExceptionFilter, VirtualQuery, VirtualQueryEx, Sleep, EnterCriticalSection, SetFilePointer, LoadResource, SuspendThread, GetTickCount, GetFileSize, GetStartupInfoW, GetFileAttributesW, InitializeCriticalSection, GetSystemWindowsDirectoryW, GetThreadPriority, SetThreadPriority, GetCurrentProcess, VirtualAlloc, GetCommandLineW, GetSystemInfo, LeaveCriticalSection, GetProcAddress, ResumeThread, GetVersionExW, VerifyVersionInfoW, HeapCreate, GetWindowsDirectoryW, LCMapStringW, VerSetConditionMask, GetDiskFreeSpaceW, FindFirstFileW, GetUserDefaultUILanguage, lstrlenW, QueryPerformanceCounter, SetEndOfFile, HeapFree, WideCharToMultiByte, FindClose, MultiByteToWideChar, LoadLibraryW, SetEvent, CreateFileW, GetLocaleInfoW, GetSystemDirectoryW, DeleteFileW, GetLocalTime, GetEnvironmentVariableW, WaitForSingleObject, WriteFile, ExitThread, DeleteCriticalSection, TlsGetValue, GetDateFormatW, SetErrorMode, IsValidLocale, TlsSetValue, CreateDirectoryW, GetSystemDefaultUILanguage, EnumCalendarInfoW, LocalAlloc, GetUserDefaultLangID, RemoveDirectoryW, CreateEventW, SetThreadLocale, GetThreadLocale
comctl32.dll	InitCommonControls
user32.dll	CreateWindowExW, TranslateMessage, CharLowerBuffW, CallWindowProcW, CharUpperW, PeekMessageW, GetSystemMetrics, SetWindowLongW, MessageBoxW, DestroyWindow, CharUpperBuffW, CharNextW, MsgWaitForMultipleObjects, LoadStringW, ExitWindowsEx, DispatchMessageW
oleaut32.dll	SysAllocStringLen, SafeArrayPtrOfIndex, VariantCopy, SafeArrayGetLBound, SafeArrayGetUBound, VariantInit, VariantClear, SysFreeString, SysReAllocStringLen, VariantChangeType, SafeArrayCreate
advapi32.dll	ConvertStringSecurityDescriptorToSecurityDescriptorW, OpenThreadToken, AdjustTokenPrivileges, LookupPrivilegeValueW, RegOpenKeyExW, OpenProcessToken, FreeSid, AllocateAndInitializeSid, EqualSid, RegQueryValueExW, GetTokenInformation, ConvertSidToStringSidW, RegCloseKey

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report petst.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Program Files\PerformanceTest\BitonicSort_b.cl (copy)

C:\Program Files\PerformanceTest\D3DCompiler_43.dll (copy)

C:\Program Files\PerformanceTest\DirectIo64.sys (copy)

C:\Program Files\PerformanceTest\DirectIo64_legacy.sys (copy)

C:\Program Files\PerformanceTest\Fluid3D.exe (copy)

C:\Program Files\PerformanceTest\MSVCP140.dll (copy)

C:\Program Files\PerformanceTest\Mandel.exe (copy)

C:\Program Files\PerformanceTest\Media\Skybox\StarColours.jpg (copy)

C:\Program Files\PerformanceTest\Media\Skybox\StarShape1.dds (copy)

C:\Program Files\PerformanceTest\Media\Skybox\is-2O1TD.tmp

C:\Program Files\PerformanceTest\Media\Skybox\is-EA5ON.tmp

C:\Program Files\PerformanceTest\Media\Skybox\is-SBI69.tmp

C:\Program Files\PerformanceTest\Media\Skybox\is-SDGH8.tmp

C:\Program Files\PerformanceTest\Media\Skybox\planet.dds (copy)

C:\Program Files\PerformanceTest\Media\Skybox\planet.sdkmesh (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Battleship-G6-Diffuse_V3.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Battleship-G6-Gloss.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Battleship-G6-Glow.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Battleship-G6-NormalMap.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Battleship-G6-Specular.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Bomber-X4_Diffuse-V2.dds (copy)

C:\Program Files\PerformanceTest\Media\SpaceBattle\SF_Bomber-X4_Gloss.dds (copy)

Windows Analysis Report
petst.exe

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 2, 2024 17:50:03.925343990 CEST	60597	53	192.168.11.20	1.1.1.1
Oct 2, 2024 17:50:04.156950951 CEST	53	60597	1.1.1.1	192.168.11.20

Timestamp	Bytes transferred	Direction	Data
2024-10-02 15:50:04 UTC	193	OUT	GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=cpu HTTP/1.1 Accept-Encoding: gzip,deflate User-Agent: PerformanceTest - passmark.com Host: www.passmark.com Cache-Control: no-cache
2024-10-02 15:50:04 UTC	314	IN	HTTP/1.1 200 OK Date: Wed, 02 Oct 2024 15:50:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Cache-Control: max-age=86400 Expires: Thu, 03 Oct 2024 15:50:04 GMT Strict-Transport-Security: max-age=600; includeSubDomains Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-10-02 15:50:04 UTC	7878	IN	Data Raw: 31 31 66 66 38 0d 0a 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 33 36 30 30 20 36 2d 43 6f 72 65 20 50 72 6f 63 65 73 73 6f 72 22 2c 33 34 38 31 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 33 36 30 30 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 33 2c 31 31 33 2c 2c 2c 41 4d 34 2c 33 36 30 30 2c 34 32 30 30 2c 36 2c 32 2c 36 35 2c 31 2c 31 35 36 31 35 32 38 38 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 35 36 30 30 58 20 36 2d 43 6f 72 65 20 50 72 6f 63 65 73 73 6f 72 22 2c 33 38 35 39 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 35 36 30 30 58 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 35 2c 33 33 2c 2c 2c 41 4d 34 2c 33 37 30 30 2c 34 36 30 30 2c 36 2c 32 2c 36 35 2c 31 2c 31 36 30 33 31 37 33 36 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 39 20 35 39 Data Ascii: 11ff8"AMD Ryzen 5 3600 6-Core Processor",3481,"AMD Ryzen 5 3600",AuthenticAMD,23,113,,,AM4,3600,4200,6,2,65,1,1561528800"AMD Ryzen 5 5600X 6-Core Processor",3859,"AMD Ryzen 5 5600X",AuthenticAMD,25,33,,,AM4,3700,4600,6,2,65,1,1603173600"AMD Ryzen 9 59
2024-10-02 15:50:04 UTC	321	IN	Data Raw: 50 72 6f 63 65 73 73 6f 72 22 2c 32 39 38 34 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 31 36 30 30 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 33 2c 31 2c 31 2c 2c 41 4d 34 2c 33 32 30 30 2c 33 36 30 30 2c 36 2c 32 2c 36 35 2c 31 2c 31 34 39 30 32 34 38 38 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 35 2d 38 32 35 30 55 20 43 50 55 20 40 20 31 2e 36 30 47 48 7a 22 2c 33 30 34 32 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 38 32 35 30 55 20 40 20 31 2e 36 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 34 32 2c 31 30 2c 2c 22 20 46 43 2d 42 47 41 31 33 35 36 22 2c 31 36 30 30 2c 33 34 30 30 2c 34 2c 32 2c 31 35 2c 32 2c 31 34 39 38 39 37 35 32 30 30 0a 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 38 32 35 Data Ascii: Processor",2984,"AMD Ryzen 5 1600",AuthenticAMD,23,1,1,,AM4,3200,3600,6,2,65,1,1490248800"Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz",3042,"Intel Core i5-8250U @ 1.60GHz",GenuineIntel,6,142,10,," FC-BGA1356",1600,3400,4,2,15,2,1498975200"Intel Core i5-825
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 6c 2c 36 2c 31 34 32 2c 31 30 2c 2c 22 20 46 43 2d 42 47 41 31 33 35 36 22 2c 31 36 30 30 2c 33 34 30 30 2c 34 2c 32 2c 31 35 2c 32 2c 31 34 39 38 39 37 35 32 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 37 2d 31 30 37 30 30 4b 20 43 50 55 20 40 20 33 2e 38 30 47 48 7a 22 2c 33 37 33 33 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 31 30 37 30 30 4b 20 40 20 33 2e 38 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 36 35 2c 35 2c 2c 46 43 4c 47 41 31 32 30 30 2c 33 38 30 30 2c 35 31 30 30 2c 38 2c 32 2c 31 32 35 2c 31 2c 31 35 39 30 30 34 30 38 30 30 0a 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 31 30 37 30 30 4b 20 43 50 55 20 40 20 33 2e 38 30 47 48 7a 22 2c 33 37 33 33 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 Data Ascii: l,6,142,10,," FC-BGA1356",1600,3400,4,2,15,2,1498975200"Intel(R) Core(TM) i7-10700K CPU @ 3.80GHz",3733,"Intel Core i7-10700K @ 3.80GHz",GenuineIntel,6,165,5,,FCLGA1200,3800,5100,8,2,125,1,1590040800"Intel Core i7-10700K CPU @ 3.80GHz",3733,"Intel Core
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 2c 32 2c 31 32 35 2c 31 2c 31 36 36 36 30 37 32 38 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 32 36 30 30 58 20 53 69 78 2d 43 6f 72 65 20 50 72 6f 63 65 73 73 6f 72 22 2c 33 32 33 35 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 32 36 30 30 58 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 33 2c 38 2c 32 2c 2c 41 4d 34 2c 33 36 30 30 2c 34 32 30 30 2c 36 2c 32 2c 39 35 2c 31 2c 31 35 32 33 36 38 35 36 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 35 2d 31 30 34 30 30 20 43 50 55 20 40 20 32 2e 39 30 47 48 7a 22 2c 33 37 33 37 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 31 30 34 30 30 20 40 20 32 2e 39 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 36 35 2c 35 2c 2c 46 43 4c 47 41 31 32 30 30 2c 32 39 30 30 Data Ascii: ,2,125,1,1666072800"AMD Ryzen 5 2600X Six-Core Processor",3235,"AMD Ryzen 5 2600X",AuthenticAMD,23,8,2,,AM4,3600,4200,6,2,95,1,1523685600"Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz",3737,"Intel Core i5-10400 @ 2.90GHz",GenuineIntel,6,165,5,,FCLGA1200,2900
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 38 35 36 35 55 20 43 50 55 20 40 20 31 2e 38 30 47 48 7a 22 2c 33 33 30 38 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 38 35 36 35 55 20 40 20 31 2e 38 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 34 32 2c 31 31 2c 2c 46 43 42 47 41 31 33 35 36 2c 31 38 30 30 2c 34 36 30 30 2c 34 2c 32 2c 31 35 2c 32 2c 31 35 33 34 31 34 30 30 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 37 20 32 37 30 30 20 45 69 67 68 74 2d 43 6f 72 65 20 50 72 6f 63 65 73 73 6f 72 22 2c 33 32 34 30 2c 22 41 4d 44 20 52 79 7a 65 6e 20 37 20 32 37 30 30 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 33 2c 38 2c 32 2c 2c 41 4d 34 2c 33 32 30 30 2c 34 31 30 30 2c 38 2c 32 2c 36 35 2c 31 2c 31 35 32 34 30 33 31 32 30 30 0a 22 Data Ascii: Intel Core i7-8565U CPU @ 1.80GHz",3308,"Intel Core i7-8565U @ 1.80GHz",GenuineIntel,6,142,11,,FCBGA1356,1800,4600,4,2,15,2,1534140000"AMD Ryzen 7 2700 Eight-Core Processor",3240,"AMD Ryzen 7 2700",AuthenticAMD,23,8,2,,AM4,3200,4100,8,2,65,1,1524031200"
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 36 2c 32 2c 34 35 2c 32 2c 31 36 37 37 32 32 32 30 30 30 0a 22 31 32 74 68 20 47 65 6e 20 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 35 2d 31 32 35 30 30 48 22 2c 34 37 35 30 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 31 32 35 30 30 48 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 35 34 2c 33 2c 2c 46 43 42 47 41 31 37 34 34 2c 32 35 30 30 2c 34 35 30 30 2c 34 2c 32 2c 34 35 2c 32 2c 31 36 34 36 30 33 31 36 30 30 0a 22 31 32 74 68 20 47 65 6e 20 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 31 32 35 30 30 48 22 2c 34 37 35 30 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 31 32 35 30 30 48 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 35 34 2c 33 2c 2c 46 43 42 47 41 31 37 34 34 2c 32 35 30 30 2c 34 35 30 30 2c 34 2c 32 2c Data Ascii: 6,2,45,2,1677222000"12th Gen Intel(R) Core(TM) i5-12500H",4750,"Intel Core i5-12500H",GenuineIntel,6,154,3,,FCBGA1744,2500,4500,4,2,45,2,1646031600"12th Gen Intel Core i5-12500H",4750,"Intel Core i5-12500H",GenuineIntel,6,154,3,,FCBGA1744,2500,4500,4,2,
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 41 4d 34 2c 33 36 30 30 2c 33 39 30 30 2c 34 2c 32 2c 36 35 2c 31 2c 31 35 31 37 38 31 34 30 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 35 2d 39 34 30 30 20 43 50 55 20 40 20 32 2e 39 30 47 48 7a 22 2c 33 34 31 34 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 39 34 30 30 20 40 20 32 2e 39 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 35 38 2c 31 30 2c 2c 46 43 4c 47 41 31 31 35 31 2d 32 2c 32 39 30 30 2c 34 31 30 30 2c 36 2c 31 2c 36 35 2c 31 2c 31 35 35 32 32 30 31 32 30 30 0a 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 39 34 30 30 20 43 50 55 20 40 20 32 2e 39 30 47 48 7a 22 2c 33 34 31 34 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 39 34 30 30 20 40 20 32 2e 39 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 Data Ascii: AM4,3600,3900,4,2,65,1,1517814000"Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz",3414,"Intel Core i5-9400 @ 2.90GHz",GenuineIntel,6,158,10,,FCLGA1151-2,2900,4100,6,1,65,1,1552201200"Intel Core i5-9400 CPU @ 2.90GHz",3414,"Intel Core i5-9400 @ 2.90GHz",Genuine
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 6e 74 69 63 41 4d 44 2c 32 33 2c 31 31 33 2c 2c 2c 41 4d 34 2c 33 38 30 30 2c 34 35 30 30 2c 36 2c 32 2c 39 35 2c 31 2c 31 35 39 34 34 34 37 32 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 35 36 32 35 55 20 77 69 74 68 20 52 61 64 65 6f 6e 20 47 72 61 70 68 69 63 73 22 2c 34 37 36 30 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 35 36 32 35 55 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 35 2c 38 30 2c 2c 2c 46 50 36 2c 32 33 30 30 2c 34 33 30 30 2c 36 2c 32 2c 31 35 2c 32 2c 31 36 34 36 33 37 37 32 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 37 35 33 30 55 20 77 69 74 68 20 52 61 64 65 6f 6e 20 47 72 61 70 68 69 63 73 22 2c 35 31 32 36 2c 22 41 4d 44 20 52 79 7a 65 6e 20 35 20 37 35 33 30 55 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 35 2c 38 Data Ascii: nticAMD,23,113,,,AM4,3800,4500,6,2,95,1,1594447200"AMD Ryzen 5 5625U with Radeon Graphics",4760,"AMD Ryzen 5 5625U",AuthenticAMD,25,80,,,FP6,2300,4300,6,2,15,2,1646377200"AMD Ryzen 5 7530U with Radeon Graphics",5126,"AMD Ryzen 5 7530U",AuthenticAMD,25,8
2024-10-02 15:50:05 UTC	8184	IN	Data Raw: 30 38 30 30 0a 22 41 4d 44 20 52 79 7a 65 6e 20 33 20 31 32 30 30 20 51 75 61 64 2d 43 6f 72 65 20 50 72 6f 63 65 73 73 6f 72 22 2c 33 30 32 39 2c 22 41 4d 44 20 52 79 7a 65 6e 20 33 20 31 32 30 30 22 2c 41 75 74 68 65 6e 74 69 63 41 4d 44 2c 32 33 2c 31 2c 31 2c 2c 41 4d 34 2c 33 31 30 30 2c 33 34 30 30 2c 34 2c 31 2c 36 35 2c 31 2c 31 34 39 37 30 37 34 34 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 35 2d 33 33 32 30 4d 20 43 50 55 20 40 20 32 2e 36 30 47 48 7a 22 2c 38 31 37 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 35 2d 33 33 32 30 4d 20 40 20 32 2e 36 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 35 38 2c 39 2c 2c 42 47 41 31 30 32 33 2c 32 36 30 30 2c 33 33 30 30 2c 32 2c 32 2c 33 35 2c 32 2c 31 33 33 33 39 Data Ascii: 0800"AMD Ryzen 3 1200 Quad-Core Processor",3029,"AMD Ryzen 3 1200",AuthenticAMD,23,1,1,,AM4,3100,3400,4,1,65,1,1497074400"Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz",817,"Intel Core i5-3320M @ 2.60GHz",GenuineIntel,6,58,9,,BGA1023,2600,3300,2,2,35,2,13339
2024-10-02 15:50:05 UTC	8192	IN	Data Raw: 31 33 36 36 2c 32 36 37 30 2c 32 39 33 30 2c 34 2c 32 2c 31 33 30 2c 31 2c 31 32 32 38 30 32 38 34 30 30 0a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 20 69 37 2d 31 30 38 35 30 48 20 43 50 55 20 40 20 32 2e 37 30 47 48 7a 22 2c 33 37 33 34 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 31 30 38 35 30 48 20 40 20 32 2e 37 30 47 48 7a 22 2c 47 65 6e 75 69 6e 65 49 6e 74 65 6c 2c 36 2c 31 36 35 2c 32 2c 2c 46 43 42 47 41 31 34 34 30 2c 32 37 30 30 2c 35 31 30 30 2c 36 2c 32 2c 34 35 2c 32 2c 31 35 39 30 31 32 37 32 30 30 0a 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 31 30 38 35 30 48 20 43 50 55 20 40 20 32 2e 37 30 47 48 7a 22 2c 33 37 33 34 2c 22 49 6e 74 65 6c 20 43 6f 72 65 20 69 37 2d 31 30 38 35 30 48 20 40 20 32 2e 37 30 47 48 7a 22 2c Data Ascii: 1366,2670,2930,4,2,130,1,1228028400"Intel(R) Core(TM) i7-10850H CPU @ 2.70GHz",3734,"Intel Core i7-10850H @ 2.70GHz",GenuineIntel,6,165,2,,FCBGA1440,2700,5100,6,2,45,2,1590127200"Intel Core i7-10850H CPU @ 2.70GHz",3734,"Intel Core i7-10850H @ 2.70GHz",

Timestamp	Bytes transferred	Direction	Data
2024-10-02 15:50:06 UTC	193	OUT	GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=gpu HTTP/1.1 Accept-Encoding: gzip,deflate User-Agent: PerformanceTest - passmark.com Host: www.passmark.com Cache-Control: no-cache
2024-10-02 15:50:07 UTC	314	IN	HTTP/1.1 200 OK Date: Wed, 02 Oct 2024 15:50:07 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Cache-Control: max-age=86400 Expires: Thu, 03 Oct 2024 15:50:07 GMT Strict-Transport-Security: max-age=600; includeSubDomains Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-10-02 15:50:07 UTC	7878	IN	Data Raw: 31 31 66 66 38 0d 0a 22 49 6e 74 65 6c 28 52 29 20 49 72 69 73 28 52 29 20 58 65 20 47 72 61 70 68 69 63 73 22 2c 34 32 36 35 2c 22 49 6e 74 65 6c 20 49 72 69 73 20 58 65 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 52 54 58 20 33 30 36 30 22 2c 34 33 34 35 2c 22 47 65 46 6f 72 63 65 20 52 54 58 20 33 30 36 30 20 31 32 47 42 22 2c 22 50 43 49 65 20 34 2e 30 20 78 31 36 22 2c 31 32 32 38 38 2c 31 33 32 30 2c 31 35 30 30 30 2c 31 32 2c 34 2e 36 2c 31 37 30 2c 31 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 52 54 58 20 33 30 37 30 22 2c 34 32 38 33 2c 22 47 65 46 6f 72 63 65 20 52 54 58 20 33 30 37 30 22 2c 22 50 43 49 65 20 34 2e 30 20 78 31 36 22 2c 38 31 39 32 2c 31 35 30 30 2c 31 37 35 30 2c 31 32 2c 34 2e 36 2c 32 Data Ascii: 11ff8"Intel(R) Iris(R) Xe Graphics",4265,"Intel Iris Xe",,,,,,,,"NVIDIA GeForce RTX 3060",4345,"GeForce RTX 3060 12GB","PCIe 4.0 x16",12288,1320,15000,12,4.6,170,1"NVIDIA GeForce RTX 3070",4283,"GeForce RTX 3070","PCIe 4.0 x16",8192,1500,1750,12,4.6,2
2024-10-02 15:50:07 UTC	321	IN	Data Raw: 22 2c 22 50 43 49 65 20 33 2e 30 20 78 31 36 22 2c 38 31 39 32 2c 31 32 36 36 2c 32 30 30 30 2c 31 32 2e 30 2c 34 2e 35 2c 31 35 30 2c 31 0a 22 41 4d 44 20 52 61 64 65 6f 6e 20 52 58 20 37 39 30 30 20 58 54 22 2c 34 36 34 36 2c 22 52 61 64 65 6f 6e 20 52 58 20 37 39 30 30 20 58 54 22 2c 22 50 43 49 65 20 34 2e 30 20 78 31 36 22 2c 32 30 34 38 30 2c 32 30 30 30 2c 32 35 30 30 2c 31 32 5f 32 2c 34 2e 36 2c 33 31 35 2c 31 0a 22 49 6e 74 65 6c 28 52 29 20 49 72 69 73 28 52 29 20 50 6c 75 73 20 47 72 61 70 68 69 63 73 22 2c 34 31 32 30 2c 22 49 6e 74 65 6c 20 49 72 69 73 20 50 6c 75 73 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 52 54 58 20 34 30 37 30 20 54 69 20 53 55 50 45 52 22 2c 34 39 38 30 2c 22 47 65 46 6f 72 63 65 20 Data Ascii: ","PCIe 3.0 x16",8192,1266,2000,12.0,4.5,150,1"AMD Radeon RX 7900 XT",4646,"Radeon RX 7900 XT","PCIe 4.0 x16",20480,2000,2500,12_2,4.6,315,1"Intel(R) Iris(R) Plus Graphics",4120,"Intel Iris Plus",,,,,,,,"NVIDIA GeForce RTX 4070 Ti SUPER",4980,"GeForce
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 44 20 52 61 64 65 6f 6e 20 52 58 20 36 39 35 30 20 58 54 22 2c 34 35 34 30 2c 22 52 61 64 65 6f 6e 20 52 58 20 36 39 35 30 20 58 54 22 2c 22 50 43 49 65 20 34 2e 30 20 78 31 36 22 2c 31 36 33 38 34 2c 31 39 32 35 2c 32 32 35 30 2c 31 32 5f 32 2c 34 2e 36 2c 33 33 35 2c 31 0a 22 41 4d 44 20 52 61 64 65 6f 6e 20 52 58 20 35 38 30 20 32 30 34 38 53 50 22 2c 34 30 34 39 2c 22 52 61 64 65 6f 6e 20 52 58 20 35 38 30 20 32 30 34 38 53 50 22 2c 22 50 43 49 65 20 33 2e 30 20 78 31 36 22 2c 31 36 33 38 34 2c 31 31 36 38 2c 31 37 35 30 2c 31 32 2e 30 2c 34 2e 36 2c 31 35 30 2c 31 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 52 54 58 20 34 30 38 30 20 53 55 50 45 52 22 2c 34 39 38 34 2c 22 47 65 46 6f 72 63 65 20 52 54 58 20 34 30 38 30 20 53 55 50 45 52 22 2c Data Ascii: D Radeon RX 6950 XT",4540,"Radeon RX 6950 XT","PCIe 4.0 x16",16384,1925,2250,12_2,4.6,335,1"AMD Radeon RX 580 2048SP",4049,"Radeon RX 580 2048SP","PCIe 3.0 x16",16384,1168,1750,12.0,4.6,150,1"NVIDIA GeForce RTX 4080 SUPER",4984,"GeForce RTX 4080 SUPER",
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 44 65 73 69 67 6e 22 2c 33 39 32 32 2c 22 47 65 46 6f 72 63 65 20 47 54 58 20 31 30 35 30 20 54 69 20 77 69 74 68 20 4d 61 78 2d 51 20 44 65 73 69 67 6e 22 2c 22 50 43 49 65 20 33 2e 30 20 78 31 36 22 2c 34 30 39 36 2c 31 31 35 31 2c 31 37 35 32 2c 31 32 2c 2c 2c 32 0a 22 4e 56 49 44 49 41 20 52 54 58 20 41 32 30 30 30 20 31 32 47 42 22 2c 34 35 33 33 2c 22 52 54 58 20 41 32 30 30 30 20 31 32 47 42 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 49 6e 74 65 6c 28 52 29 20 55 48 44 20 47 72 61 70 68 69 63 73 20 36 31 30 22 2c 33 39 31 30 2c 22 49 6e 74 65 6c 20 55 48 44 20 47 72 61 70 68 69 63 73 20 36 31 30 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 4d 58 33 33 30 20 28 4d 6f 62 69 6c 65 29 22 2c 34 32 30 33 2c 22 47 65 46 6f 72 63 65 Data Ascii: Design",3922,"GeForce GTX 1050 Ti with Max-Q Design","PCIe 3.0 x16",4096,1151,1752,12,,,2"NVIDIA RTX A2000 12GB",4533,"RTX A2000 12GB",,,,,,,,"Intel(R) UHD Graphics 610",3910,"Intel UHD Graphics 610",,,,,,,,"NVIDIA GeForce MX330 (Mobile)",4203,"GeForce
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 38 37 36 2c 32 35 30 30 2c 31 31 2e 32 2c 34 2e 35 2c 34 30 2c 32 0a 22 4e 56 49 44 49 41 20 51 75 61 64 72 6f 20 36 30 30 22 2c 39 31 2c 22 51 75 61 64 72 6f 20 36 30 30 22 2c 22 50 43 49 65 20 32 2e 30 20 78 31 36 22 2c 31 30 32 34 2c 36 34 30 2c 31 36 30 30 2c 31 31 2c 34 2e 35 2c 34 30 2c 34 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 20 36 35 30 4d 22 2c 31 32 32 2c 22 47 65 46 6f 72 63 65 20 47 54 20 36 35 30 4d 22 2c 22 50 43 49 65 20 33 2e 30 20 78 31 36 22 2c 32 30 34 38 2c 22 38 33 35 2c 37 34 35 2c 39 30 30 22 2c 38 33 35 2c 31 31 2e 32 2c 34 2e 35 2c 34 35 2c 32 0a 22 41 4d 44 20 52 79 7a 65 6e 20 33 20 35 33 30 30 55 20 77 69 74 68 20 52 61 64 65 6f 6e 20 47 72 61 70 68 69 63 73 22 2c 34 35 30 38 2c 22 52 79 7a 65 6e 20 33 20 35 Data Ascii: 876,2500,11.2,4.5,40,2"NVIDIA Quadro 600",91,"Quadro 600","PCIe 2.0 x16",1024,640,1600,11,4.5,40,4"NVIDIA GeForce GT 650M",122,"GeForce GT 650M","PCIe 3.0 x16",2048,"835,745,900",835,11.2,4.5,45,2"AMD Ryzen 3 5300U with Radeon Graphics",4508,"Ryzen 3 5
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 63 65 20 47 54 20 36 33 35 4d 22 2c 22 50 43 49 65 20 32 2e 30 20 78 31 36 22 2c 31 35 33 36 2c 36 37 35 2c 2c 31 31 2c 34 2e 35 2c 33 35 2c 32 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 20 37 33 30 4d 22 2c 32 34 31 37 2c 22 47 65 46 6f 72 63 65 20 47 54 20 37 33 30 4d 22 2c 22 50 43 49 65 20 33 2e 30 20 78 38 22 2c 32 30 34 38 2c 37 31 39 2c 2c 31 31 2c 34 2e 35 2c 33 33 2c 32 0a 22 41 4d 44 20 52 61 64 65 6f 6e 20 50 72 6f 20 57 35 37 30 30 22 2c 34 31 38 32 2c 22 52 61 64 65 6f 6e 20 50 72 6f 20 57 35 37 30 30 22 2c 22 50 43 49 65 20 34 2e 30 20 78 31 36 22 2c 38 31 39 32 2c 31 32 34 33 2c 31 34 30 30 30 2c 31 32 2c 34 2e 36 2c 32 30 35 2c 31 0a 22 41 4d 44 20 52 61 64 65 6f 6e 28 54 4d 29 20 47 72 61 70 68 69 63 73 20 52 79 7a 65 6e 20 Data Ascii: ce GT 635M","PCIe 2.0 x16",1536,675,,11,4.5,35,2"NVIDIA GeForce GT 730M",2417,"GeForce GT 730M","PCIe 3.0 x8",2048,719,,11,4.5,33,2"AMD Radeon Pro W5700",4182,"Radeon Pro W5700","PCIe 4.0 x16",8192,1243,14000,12,4.6,205,1"AMD Radeon(TM) Graphics Ryzen
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 30 55 20 22 2c 34 36 39 33 2c 22 52 61 64 65 6f 6e 20 56 65 67 61 20 33 20 52 79 7a 65 6e 20 33 20 33 32 30 30 55 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 52 61 64 65 6f 6e 20 28 54 4d 29 20 52 58 20 35 35 30 58 22 2c 34 30 36 39 2c 22 52 61 64 65 6f 6e 20 52 58 20 35 35 30 58 22 2c 22 50 43 49 65 20 33 2e 30 20 78 38 22 2c 34 30 39 36 2c 31 31 30 30 2c 31 35 30 30 2c 31 32 2e 30 2c 34 2e 36 2c 35 30 2c 31 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 58 20 31 36 33 30 22 2c 34 35 37 31 2c 22 47 65 46 6f 72 63 65 20 47 54 58 20 31 36 33 30 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 51 75 61 64 72 6f 20 46 58 20 31 38 30 30 22 2c 31 35 36 36 2c 22 51 75 61 64 72 6f 20 46 58 20 31 38 30 30 22 2c 22 50 43 49 65 20 32 2e 30 20 78 31 36 22 2c 37 Data Ascii: 0U ",4693,"Radeon Vega 3 Ryzen 3 3200U",,,,,,,,"Radeon (TM) RX 550X",4069,"Radeon RX 550X","PCIe 3.0 x8",4096,1100,1500,12.0,4.6,50,1"NVIDIA GeForce GTX 1630",4571,"GeForce GTX 1630",,,,,,,,"NVIDIA Quadro FX 1800",1566,"Quadro FX 1800","PCIe 2.0 x16",7
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 52 61 64 65 6f 6e 20 35 30 30 20 53 65 72 69 65 73 22 2c 33 37 34 34 2c 22 52 61 64 65 6f 6e 20 35 30 30 20 53 65 72 69 65 73 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 20 37 34 35 4d 22 2c 32 35 36 34 2c 22 47 65 46 6f 72 63 65 20 47 54 20 37 34 35 4d 22 2c 22 50 43 49 65 20 33 2e 30 20 78 31 36 22 2c 32 30 34 38 2c 38 33 37 2c 2c 31 31 2c 34 2e 35 2c 34 35 2c 32 0a 22 41 4d 44 20 52 61 64 65 6f 6e 28 54 4d 29 20 56 65 67 61 20 38 20 4d 6f 62 69 6c 65 20 47 72 61 70 68 69 63 73 22 2c 33 38 34 35 2c 22 52 61 64 65 6f 6e 20 56 65 67 61 20 38 20 4d 6f 62 69 6c 65 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 41 4d 44 20 52 61 64 65 6f 6e 20 48 44 20 36 33 32 30 22 2c 32 35 38 2c 22 52 61 64 65 6f 6e Data Ascii: ,,,,,,,,"Radeon 500 Series",3744,"Radeon 500 Series",,,,,,,,"NVIDIA GeForce GT 745M",2564,"GeForce GT 745M","PCIe 3.0 x16",2048,837,,11,4.5,45,2"AMD Radeon(TM) Vega 8 Mobile Graphics",3845,"Radeon Vega 8 Mobile",,,,,,,,"AMD Radeon HD 6320",258,"Radeon
2024-10-02 15:50:07 UTC	8184	IN	Data Raw: 73 28 54 4d 29 20 50 72 6f 20 47 72 61 70 68 69 63 73 20 36 32 30 30 22 2c 33 32 35 38 2c 22 49 6e 74 65 6c 20 49 72 69 73 20 50 72 6f 20 47 72 61 70 68 69 63 73 20 36 32 30 30 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 51 75 61 64 72 6f 20 46 58 20 38 38 30 4d 22 2c 31 36 31 32 2c 22 51 75 61 64 72 6f 20 46 58 20 38 38 30 4d 22 2c 22 50 43 49 65 20 32 2e 30 20 78 31 36 22 2c 31 30 32 34 2c 35 35 30 2c 31 36 30 30 2c 31 30 2e 31 2c 33 2e 33 2c 33 35 2c 34 0a 22 41 4d 44 20 52 61 64 65 6f 6e 20 48 44 20 37 37 33 30 4d 22 2c 32 39 39 35 2c 22 52 61 64 65 6f 6e 20 48 44 20 37 37 33 30 4d 22 2c 22 50 43 49 65 20 32 2e 31 20 78 31 36 22 2c 32 30 34 38 2c 22 35 37 35 2c 36 37 35 22 2c 22 39 30 30 2c 39 30 30 22 2c 31 31 2e 31 2c 34 2e 34 2c 32 35 2c Data Ascii: s(TM) Pro Graphics 6200",3258,"Intel Iris Pro Graphics 6200",,,,,,,,"NVIDIA Quadro FX 880M",1612,"Quadro FX 880M","PCIe 2.0 x16",1024,550,1600,10.1,3.3,35,4"AMD Radeon HD 7730M",2995,"Radeon HD 7730M","PCIe 2.1 x16",2048,"575,675","900,900",11.1,4.4,25,
2024-10-02 15:50:07 UTC	8192	IN	Data Raw: 2c 38 30 30 2c 39 30 30 2d 31 31 32 35 2c 31 31 2e 32 2c 34 2e 32 2c 34 37 2c 31 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 20 37 31 30 4d 22 2c 32 37 34 34 2c 22 47 65 46 6f 72 63 65 20 47 54 20 37 31 30 4d 22 2c 2c 2c 2c 2c 2c 2c 2c 32 0a 22 41 4d 44 20 52 79 7a 65 6e 20 33 20 37 33 33 30 55 20 77 69 74 68 20 52 61 64 65 6f 6e 20 47 72 61 70 68 69 63 73 22 2c 34 38 37 35 2c 22 52 79 7a 65 6e 20 33 20 37 33 33 30 55 20 77 69 74 68 20 52 61 64 65 6f 6e 20 47 72 61 70 68 69 63 73 22 2c 2c 2c 2c 2c 2c 2c 2c 0a 22 4e 56 49 44 49 41 20 47 65 46 6f 72 63 65 20 47 54 20 33 33 35 4d 22 2c 31 34 31 37 2c 22 47 65 46 6f 72 63 65 20 47 54 20 33 33 35 4d 22 2c 22 50 43 49 65 20 32 2e 30 20 78 31 36 22 2c 31 30 32 34 2c 34 35 30 2c 31 36 30 30 2c 31 30 Data Ascii: ,800,900-1125,11.2,4.2,47,1"NVIDIA GeForce GT 710M",2744,"GeForce GT 710M",,,,,,,,2"AMD Ryzen 3 7330U with Radeon Graphics",4875,"Ryzen 3 7330U with Radeon Graphics",,,,,,,,"NVIDIA GeForce GT 335M",1417,"GeForce GT 335M","PCIe 2.0 x16",1024,450,1600,10

Timestamp	Bytes transferred	Direction	Data
2024-10-02 15:50:08 UTC	193	OUT	GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=ram HTTP/1.1 Accept-Encoding: gzip,deflate User-Agent: PerformanceTest - passmark.com Host: www.passmark.com Cache-Control: no-cache
2024-10-02 15:50:08 UTC	314	IN	HTTP/1.1 200 OK Date: Wed, 02 Oct 2024 15:50:08 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Cache-Control: max-age=86400 Expires: Thu, 03 Oct 2024 15:50:08 GMT Strict-Transport-Security: max-age=600; includeSubDomains Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-10-02 15:50:08 UTC	7878	IN	Data Raw: 31 31 66 66 38 0d 0a 43 6f 72 73 61 69 72 2c 22 43 4d 4b 31 36 47 58 34 4d 32 42 33 32 30 30 43 31 36 20 20 22 2c 37 39 36 36 2c 22 43 6f 72 73 61 69 72 20 43 4d 4b 31 36 47 58 34 4d 32 42 33 32 30 30 43 31 36 20 38 47 42 22 2c 38 31 39 32 2c 31 32 2c 31 2e 32 56 2c 31 30 36 36 2e 36 37 2c 50 43 34 2d 31 37 30 30 30 2c 22 39 20 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 22 2c 30 2e 39 33 38 2c 31 33 2e 35 2c 31 33 2e 35 2c 31 33 2e 35 2c 33 33 2c 33 2e 37 30 31 2c 34 36 2e 35 2c 32 36 30 0a 22 54 65 61 6d 20 47 72 6f 75 70 20 49 6e 63 2e 22 2c 22 54 45 41 4d 47 52 4f 55 50 2d 55 44 34 2d 33 32 30 30 20 20 22 2c 39 33 32 32 2c 22 54 65 61 6d 20 47 72 6f 75 70 20 49 6e 63 2e 20 54 45 41 4d 47 52 4f 55 50 2d 55 44 34 2d 33 32 30 30 20 38 Data Ascii: 11ff8Corsair,"CMK16GX4M2B3200C16 ",7966,"Corsair CMK16GX4M2B3200C16 8GB",8192,12,1.2V,1066.67,PC4-17000,"9 10 11 12 13 14 15 16 ",0.938,13.5,13.5,13.5,33,3.701,46.5,260"Team Group Inc.","TEAMGROUP-UD4-3200 ",9322,"Team Group Inc. TEAMGROUP-UD4-3200 8
2024-10-02 15:50:08 UTC	321	IN	Data Raw: 2e 31 56 2c 32 34 30 33 2e 38 35 2c 50 43 35 2d 33 38 34 30 30 2c 22 32 32 20 32 38 20 33 30 20 33 32 20 33 36 20 34 30 20 34 32 20 22 2c 30 2e 34 31 36 2c 31 36 2e 36 36 36 2c 31 36 2e 36 36 36 2c 31 36 2e 36 36 36 2c 33 32 2c 30 2c 34 38 2e 36 36 36 2c 30 2e 32 39 35 0a 22 53 4b 20 48 79 6e 69 78 22 2c 22 48 4d 41 38 31 47 53 36 4a 4a 52 38 4e 2d 56 4b 20 20 20 20 22 2c 31 32 39 32 35 2c 22 53 4b 20 48 79 6e 69 78 20 48 4d 41 38 31 47 53 36 4a 4a 52 38 4e 2d 56 4b 20 38 47 42 22 2c 38 31 39 32 2c 31 32 2c 31 2e 32 56 2c 31 33 33 33 2e 33 33 2c 50 43 34 2d 32 31 33 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 22 2c 30 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 33 32 Data Ascii: .1V,2403.85,PC5-38400,"22 28 30 32 36 40 42 ",0.416,16.666,16.666,16.666,32,0,48.666,0.295"SK Hynix","HMA81GS6JJR8N-VK ",12925,"SK Hynix HMA81GS6JJR8N-VK 8GB",8192,12,1.2V,1333.33,PC4-21300,"10 11 12 13 14 15 16 17 18 19 20 ",0.75,13.75,13.75,13.75,32
2024-10-02 15:50:08 UTC	8192	IN	Data Raw: 72 6f 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 34 41 54 46 31 47 36 34 48 5a 2d 33 47 32 45 32 20 38 47 42 22 2c 38 31 39 32 2c 31 32 2c 31 2e 32 56 2c 31 36 30 30 2c 50 43 34 2d 32 35 36 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 32 31 20 32 32 20 32 33 20 32 34 20 32 35 20 32 36 20 32 38 20 22 2c 30 2e 36 32 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 33 32 2c 35 2e 33 2c 34 35 2e 37 35 2c 33 35 30 0a 22 47 20 53 6b 69 6c 6c 20 49 6e 74 6c 22 2c 22 46 35 2d 36 30 30 30 4a 33 32 33 38 46 31 36 47 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 2c 31 39 35 30 30 2c 22 47 20 53 6b 69 6c 6c 20 49 6e 74 6c 20 46 35 2d 36 30 30 30 4a 33 32 33 38 46 31 36 47 20 31 36 47 42 22 2c 31 Data Ascii: ron Technology 4ATF1G64HZ-3G2E2 8GB",8192,12,1.2V,1600,PC4-25600,"10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 28 ",0.625,13.75,13.75,13.75,32,5.3,45.75,350"G Skill Intl","F5-6000J3238F16G ",19500,"G Skill Intl F5-6000J3238F16G 16GB",1
2024-10-02 15:50:08 UTC	8192	IN	Data Raw: 32 56 2c 31 33 33 33 2e 33 33 2c 50 43 34 2d 32 31 33 30 30 2c 22 37 20 38 20 39 20 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 32 31 20 32 32 20 32 33 20 32 34 20 22 2c 30 2e 37 35 2c 31 33 2e 35 2c 31 34 2e 32 35 2c 31 34 2e 32 35 2c 32 39 2e 32 35 2c 33 2e 37 35 2c 34 33 2e 35 2c 33 35 30 0a 22 53 4b 20 48 79 6e 69 78 22 2c 22 48 4d 41 38 32 47 53 36 41 46 52 38 4e 2d 55 48 20 20 20 20 22 2c 31 30 30 37 37 2c 22 53 4b 20 48 79 6e 69 78 20 48 4d 41 38 32 47 53 36 41 46 52 38 4e 2d 55 48 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 32 2c 31 2e 32 56 2c 31 32 30 30 2e 34 38 2c 50 43 34 2d 31 39 32 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 22 2c 30 2e 38 Data Ascii: 2V,1333.33,PC4-21300,"7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ",0.75,13.5,14.25,14.25,29.25,3.75,43.5,350"SK Hynix","HMA82GS6AFR8N-UH ",10077,"SK Hynix HMA82GS6AFR8N-UH 16GB",16384,12,1.2V,1200.48,PC4-19200,"10 11 12 13 14 15 16 17 18 ",0.8
2024-10-02 15:50:08 UTC	8192	IN	Data Raw: 37 35 2c 33 32 2c 35 2e 33 2c 34 35 2e 37 35 2c 33 35 30 0a 22 53 4b 20 48 79 6e 69 78 22 2c 22 48 4d 41 38 31 47 55 36 44 4a 52 38 4e 2d 58 4e 20 20 20 20 22 2c 31 35 31 34 36 2c 22 53 4b 20 48 79 6e 69 78 20 48 4d 41 38 31 47 55 36 44 4a 52 38 4e 2d 58 4e 20 38 47 42 22 2c 38 31 39 32 2c 31 32 2c 31 2e 32 56 2c 31 36 30 30 2c 50 43 34 2d 32 35 36 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 32 31 20 32 32 20 32 34 20 22 2c 30 2e 36 32 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 33 32 2c 32 2e 35 2c 34 35 2e 37 35 2c 33 35 30 0a 22 47 20 53 6b 69 6c 6c 20 49 6e 74 6c 22 2c 46 34 2d 32 34 30 30 43 31 35 2d 38 47 56 52 2c 37 37 35 31 2c 22 47 20 53 6b 69 6c 6c 20 49 6e 74 6c Data Ascii: 75,32,5.3,45.75,350"SK Hynix","HMA81GU6DJR8N-XN ",15146,"SK Hynix HMA81GU6DJR8N-XN 8GB",8192,12,1.2V,1600,PC4-25600,"10 11 12 13 14 15 16 17 18 19 20 21 22 24 ",0.625,13.75,13.75,13.75,32,2.5,45.75,350"G Skill Intl",F4-2400C15-8GVR,7751,"G Skill Intl
2024-10-02 15:50:08 UTC	8192	IN	Data Raw: 32 2c 31 2e 32 56 2c 31 36 30 30 2c 50 43 34 2d 32 35 36 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 32 31 20 32 32 20 32 34 20 22 2c 30 2e 36 32 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 33 32 2c 32 2e 35 2c 34 35 2e 37 35 2c 33 35 30 0a 43 6f 72 73 61 69 72 2c 43 4d 48 33 32 47 58 35 4d 32 45 36 30 30 30 43 33 36 2c 32 32 33 30 32 2c 22 43 6f 72 73 61 69 72 20 43 4d 48 33 32 47 58 35 4d 32 45 36 30 30 30 43 33 36 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 38 2c 31 2e 31 56 2c 32 34 30 30 2c 50 43 35 2d 33 38 34 30 30 2c 22 32 32 20 32 38 20 33 30 20 33 32 20 33 36 20 34 30 20 34 32 20 22 2c 30 2e 34 31 36 2c 31 36 2e 36 36 36 2c 31 36 2e 36 36 36 2c 31 36 2e 36 36 36 2c Data Ascii: 2,1.2V,1600,PC4-25600,"10 11 12 13 14 15 16 17 18 19 20 21 22 24 ",0.625,13.75,13.75,13.75,32,2.5,45.75,350Corsair,CMH32GX5M2E6000C36,22302,"Corsair CMH32GX5M2E6000C36 16GB",16384,18,1.1V,2400,PC5-38400,"22 28 30 32 36 40 42 ",0.416,16.666,16.666,16.666,
2024-10-02 15:50:09 UTC	8192	IN	Data Raw: 38 30 30 2c 50 43 35 2d 34 34 38 30 30 2c 22 32 32 20 32 36 20 32 38 20 33 30 20 33 32 20 33 36 20 34 30 20 34 32 20 34 36 20 35 30 20 22 2c 30 2e 33 35 37 2c 31 36 2c 31 36 2c 31 36 2c 33 32 2c 30 2c 34 38 2c 30 2e 32 39 35 0a 4b 69 6e 67 73 74 6f 6e 2c 22 4b 46 35 36 30 43 33 32 2d 31 36 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 22 2c 31 39 36 36 34 2c 22 4b 69 6e 67 73 74 6f 6e 20 4b 46 35 36 30 43 33 32 2d 31 36 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 38 2c 31 2e 31 56 2c 32 34 30 33 2e 38 35 2c 50 43 35 2d 31 39 32 30 30 2c 22 32 32 20 32 36 20 32 38 20 33 30 20 33 32 20 33 36 20 34 30 20 34 32 20 22 2c 30 2e 34 31 36 2c 31 36 2c 31 36 2c 31 36 2c 33 32 2c 30 2c 34 38 2c 30 2e 32 39 35 0a 22 47 20 53 6b 69 6c 6c 20 49 6e 74 6c 22 2c Data Ascii: 800,PC5-44800,"22 26 28 30 32 36 40 42 46 50 ",0.357,16,16,16,32,0,48,0.295Kingston,"KF560C32-16 ",19664,"Kingston KF560C32-16 16GB",16384,18,1.1V,2403.85,PC5-19200,"22 26 28 30 32 36 40 42 ",0.416,16,16,16,32,0,48,0.295"G Skill Intl",
2024-10-02 15:50:09 UTC	8192	IN	Data Raw: 53 61 6d 73 75 6e 67 20 4d 34 32 35 52 32 47 41 33 42 42 30 2d 43 57 4d 4f 44 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 38 2c 31 2e 31 56 2c 32 38 30 30 2c 50 43 35 2d 34 34 38 30 30 2c 22 32 32 20 32 36 20 32 38 20 33 30 20 33 32 20 33 36 20 34 30 20 34 32 20 34 36 20 35 30 20 22 2c 30 2e 33 35 37 2c 31 36 2c 31 36 2c 31 36 2c 33 32 2c 30 2c 34 38 2c 30 2e 32 39 35 0a 22 43 72 75 63 69 61 6c 20 54 65 63 68 6e 6f 6c 6f 67 79 22 2c 43 54 31 36 47 34 53 46 52 41 33 32 41 2e 4d 31 36 46 52 2c 31 37 35 36 39 2c 22 43 72 75 63 69 61 6c 20 54 65 63 68 6e 6f 6c 6f 67 79 20 43 54 31 36 47 34 53 46 52 41 33 32 41 2e 4d 31 36 46 52 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 32 2c 31 2e 32 56 2c 31 36 30 30 2c 50 43 34 2d 32 35 36 30 30 2c 22 31 30 20 31 31 20 31 32 Data Ascii: Samsung M425R2GA3BB0-CWMOD 16GB",16384,18,1.1V,2800,PC5-44800,"22 26 28 30 32 36 40 42 46 50 ",0.357,16,16,16,32,0,48,0.295"Crucial Technology",CT16G4SFRA32A.M16FR,17569,"Crucial Technology CT16G4SFRA32A.M16FR 16GB",16384,12,1.2V,1600,PC4-25600,"10 11 12
2024-10-02 15:50:09 UTC	8184	IN	Data Raw: 32 35 2c 33 35 2c 36 2c 34 38 2e 31 32 35 2c 32 36 30 0a 22 50 61 74 72 69 6f 74 20 4d 65 6d 6f 72 79 20 28 50 44 50 20 53 79 73 74 65 6d 73 29 22 2c 50 53 44 34 38 47 32 36 36 36 38 31 2c 31 32 32 39 38 2c 22 50 61 74 72 69 6f 74 20 4d 65 6d 6f 72 79 20 28 50 44 50 20 53 79 73 74 65 6d 73 29 20 50 53 44 34 38 47 32 36 36 36 38 31 20 38 47 42 22 2c 38 31 39 32 2c 31 32 2c 31 2e 32 56 2c 31 33 33 33 2e 33 33 2c 50 43 34 2d 32 31 33 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 22 2c 30 2e 37 35 2c 31 34 2e 32 35 2c 31 34 2e 32 35 2c 31 34 2e 32 35 2c 33 32 2c 33 2c 34 36 2e 32 35 2c 33 35 30 0a 22 53 4b 20 48 79 6e 69 78 22 2c 22 48 4d 41 38 31 47 55 36 4a 4a 52 38 4e 2d 56 4b 20 20 20 20 22 Data Ascii: 25,35,6,48.125,260"Patriot Memory (PDP Systems)",PSD48G266681,12298,"Patriot Memory (PDP Systems) PSD48G266681 8GB",8192,12,1.2V,1333.33,PC4-21300,"10 11 12 13 14 15 16 17 18 19 20 ",0.75,14.25,14.25,14.25,32,3,46.25,350"SK Hynix","HMA81GU6JJR8N-VK "
2024-10-02 15:50:09 UTC	8192	IN	Data Raw: 2d 58 4e 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 32 2c 31 2e 32 56 2c 31 36 30 30 2c 50 43 34 2d 32 35 36 30 30 2c 22 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 31 38 20 31 39 20 32 30 20 32 31 20 32 32 20 32 34 20 22 2c 30 2e 36 32 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 31 33 2e 37 35 2c 33 32 2c 32 2e 35 2c 34 35 2e 37 35 2c 33 35 30 0a 43 6f 72 73 61 69 72 2c 43 4d 57 33 32 47 58 34 4d 32 5a 33 32 30 30 43 31 36 2c 31 33 36 39 32 2c 22 43 6f 72 73 61 69 72 20 43 4d 57 33 32 47 58 34 4d 32 5a 33 32 30 30 43 31 36 20 31 36 47 42 22 2c 31 36 33 38 34 2c 31 32 2c 31 2e 32 56 2c 31 33 33 33 2e 33 33 2c 50 43 34 2d 32 31 33 30 30 2c 22 37 20 38 20 39 20 31 30 20 31 31 20 31 32 20 31 33 20 31 34 20 31 35 20 31 36 20 31 37 20 Data Ascii: -XN 16GB",16384,12,1.2V,1600,PC4-25600,"10 11 12 13 14 15 16 17 18 19 20 21 22 24 ",0.625,13.75,13.75,13.75,32,2.5,45.75,350Corsair,CMW32GX4M2Z3200C16,13692,"Corsair CMW32GX4M2Z3200C16 16GB",16384,12,1.2V,1333.33,PC4-21300,"7 8 9 10 11 12 13 14 15 16 17

Timestamp	Bytes transferred	Direction	Data
2024-10-02 15:50:13 UTC	193	OUT	GET /baselines/V10/modelList.php?key=TRIAL_DAY0&type=hdd HTTP/1.1 Accept-Encoding: gzip,deflate User-Agent: PerformanceTest - passmark.com Host: www.passmark.com Cache-Control: no-cache
2024-10-02 15:50:13 UTC	314	IN	HTTP/1.1 200 OK Date: Wed, 02 Oct 2024 15:50:13 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Cache-Control: max-age=86400 Expires: Thu, 03 Oct 2024 15:50:13 GMT Strict-Transport-Security: max-age=600; includeSubDomains Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-10-02 15:50:13 UTC	7878	IN	Data Raw: 31 31 66 62 38 0d 0a 22 55 6e 6b 6e 6f 77 6e 20 44 72 69 76 65 22 2c 31 33 36 38 31 2c 22 55 6e 6b 6e 6f 77 6e 20 44 72 69 76 65 22 2c 2c 2c 2c 0a 22 53 61 6d 73 75 6e 67 20 53 53 44 20 39 38 30 20 50 52 4f 20 31 54 42 22 2c 32 36 38 35 37 2c 22 53 61 6d 73 75 6e 67 20 53 53 44 20 39 38 30 20 50 52 4f 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 53 61 6d 73 75 6e 67 20 53 53 44 20 39 38 30 20 50 52 4f 20 31 54 42 22 2c 32 36 38 35 37 2c 22 53 61 6d 73 75 6e 67 20 53 53 44 20 39 38 30 20 50 52 4f 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 53 61 6d 73 75 6e 67 20 53 53 44 20 39 37 30 20 45 56 4f 20 50 6c 75 73 20 31 54 42 22 2c 32 32 38 39 35 2c 22 53 61 6d 73 75 Data Ascii: 11fb8"Unknown Drive",13681,"Unknown Drive",,,,"Samsung SSD 980 PRO 1TB",26857,"Samsung SSD 980 PRO 1TB",1000202273280,,1,512"NVMe Samsung SSD 980 PRO 1TB",26857,"Samsung SSD 980 PRO 1TB",1000202273280,,1,512"Samsung SSD 970 EVO Plus 1TB",22895,"Samsu
2024-10-02 15:50:13 UTC	257	IN	Data Raw: 57 44 43 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 2d 35 31 32 47 2d 31 30 30 36 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 57 44 43 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 2d 35 31 32 47 2d 31 31 31 34 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 43 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 2d 35 31 32 47 2d 31 31 31 34 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 Data Ascii: WDC PC SN530 SDBPNPZ-512G-1006",26002,"WD PC SN530 SDBPNPZ 512GB",512105932800,,1,512"NVMe WDC PC SN530 SDBPNPZ-512G-1114",26002,"WD PC SN530 SDBPNPZ 512GB",512105932800,,1,512"WDC PC SN530 SDBPNPZ-512G-1114",26002,"WD PC SN530 SDBPNPZ 512GB",5121059328
2024-10-02 15:50:13 UTC	8192	IN	Data Raw: 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 50 43 20 53 4e 35 33 30 20 4e 56 4d 65 20 57 44 43 20 35 31 32 47 42 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 57 44 43 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 2d 35 31 32 47 2d 31 30 30 32 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 43 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 2d 35 31 32 47 22 2c 32 36 30 30 32 2c 22 57 44 20 50 43 20 53 4e 35 33 30 20 53 44 42 50 4e 50 5a 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 Data Ascii: ,,1,512"NVMe PC SN530 NVMe WDC 512GB",26002,"WD PC SN530 SDBPNPZ 512GB",512105932800,,1,512"NVMe WDC PC SN530 SDBPNPZ-512G-1002",26002,"WD PC SN530 SDBPNPZ 512GB",512105932800,,1,512"WDC PC SN530 SDBPNPZ-512G",26002,"WD PC SN530 SDBPNPZ 512GB",51210593
2024-10-02 15:50:13 UTC	8192	IN	Data Raw: 31 32 0a 43 54 31 30 30 30 4d 58 35 30 30 53 53 44 31 2c 31 35 31 37 37 2c 43 54 31 30 30 30 4d 58 35 30 30 53 53 44 31 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 43 54 31 30 30 30 4d 58 35 30 30 53 53 44 31 20 53 43 53 49 20 44 69 73 6b 20 44 65 76 69 63 65 22 2c 31 35 31 37 37 2c 43 54 31 30 30 30 4d 58 35 30 30 53 53 44 31 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 57 44 20 42 6c 75 65 20 53 4e 35 37 30 20 31 54 42 22 2c 32 39 36 32 30 2c 22 57 44 20 42 6c 75 65 20 53 4e 35 37 30 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 53 41 4d 53 55 4e 47 20 4d 5a 56 4c 42 32 35 36 48 41 48 51 2d 30 30 30 30 30 22 2c 31 36 32 36 34 2c 22 53 61 6d 73 75 6e 67 20 50 4d 39 38 Data Ascii: 12CT1000MX500SSD1,15177,CT1000MX500SSD1,1000202273280,,1,512"CT1000MX500SSD1 SCSI Disk Device",15177,CT1000MX500SSD1,1000202273280,,1,512"WD Blue SN570 1TB",29620,"WD Blue SN570 1TB",1000202273280,,1,512"SAMSUNG MZVLB256HAHQ-00000",16264,"Samsung PM98
2024-10-02 15:50:13 UTC	8192	IN	Data Raw: 22 53 61 6d 73 75 6e 67 20 53 53 44 20 50 4d 39 39 31 20 4e 56 4d 65 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 53 41 4d 53 55 4e 47 20 4d 5a 56 4c 51 32 35 36 48 41 4a 44 2d 30 30 30 30 30 22 2c 32 35 30 34 30 2c 22 53 61 6d 73 75 6e 67 20 53 53 44 20 50 4d 39 39 31 20 4e 56 4d 65 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 50 4d 39 39 31 20 4e 56 4d 65 20 53 61 6d 73 75 22 2c 32 35 30 34 30 2c 22 53 61 6d 73 75 6e 67 20 53 53 44 20 50 4d 39 39 31 20 4e 56 4d 65 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 53 41 4d 53 55 4e 47 20 4d 5a 56 4c 51 32 35 36 48 41 4a 44 2d 30 30 30 30 30 22 2c 32 35 30 Data Ascii: "Samsung SSD PM991 NVMe 256GB",256052966400,,1,512"SAMSUNG MZVLQ256HAJD-00000",25040,"Samsung SSD PM991 NVMe 256GB",256052966400,,1,512"NVMe PM991 NVMe Samsu",25040,"Samsung SSD PM991 NVMe 256GB",256052966400,,1,512"NVMe SAMSUNG MZVLQ256HAJD-00000",250
2024-10-02 15:50:13 UTC	8192	IN	Data Raw: 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 53 44 41 50 4e 55 57 2d 32 35 36 47 22 2c 31 36 37 35 30 2c 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 4e 56 4d 65 20 53 53 44 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 53 44 41 50 4d 55 57 2d 32 35 36 47 2d 31 31 30 31 22 2c 31 36 37 35 30 2c 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 4e 56 4d 65 20 53 53 44 20 32 35 36 47 42 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 53 44 41 50 4e 55 57 2d 32 35 36 47 2d 31 30 30 32 22 2c 31 36 37 35 30 2c 22 57 44 43 20 50 43 20 53 4e 35 32 30 20 4e Data Ascii: 256GB",256052966400,,1,512"WDC PC SN520 SDAPNUW-256G",16750,"WDC PC SN520 NVMe SSD 256GB",256052966400,,1,512"WDC PC SN520 SDAPMUW-256G-1101",16750,"WDC PC SN520 NVMe SSD 256GB",256052966400,,1,512"WDC PC SN520 SDAPNUW-256G-1002",16750,"WDC PC SN520 N
2024-10-02 15:50:14 UTC	8192	IN	Data Raw: 30 5a 4e 56 32 35 36 47 20 4b 49 4f 58 49 41 22 2c 32 36 37 34 31 2c 22 4b 42 47 34 30 5a 4e 56 32 35 36 47 20 4b 49 4f 58 49 41 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 30 2c 35 31 32 0a 22 53 50 43 43 20 4d 2e 32 20 50 43 49 65 20 53 53 44 22 2c 31 36 34 38 33 2c 22 53 50 43 43 20 4d 2e 32 20 50 43 49 65 20 53 53 44 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 35 39 34 30 2c 31 2c 35 31 32 0a 22 53 50 43 43 20 53 6f 6c 69 64 20 53 74 61 74 65 20 44 69 73 6b 20 41 54 41 20 44 65 76 69 63 65 22 2c 31 38 34 30 30 2c 22 53 50 43 43 20 53 6f 6c 69 64 20 53 74 61 74 65 22 2c 32 35 36 30 35 32 39 36 36 34 30 30 2c 2c 31 2c 35 31 32 0a 22 53 50 43 43 20 53 6f 6c 69 64 20 53 74 61 74 65 20 53 43 53 49 20 44 69 73 6b 20 44 65 76 69 63 65 22 2c 31 38 34 30 Data Ascii: 0ZNV256G KIOXIA",26741,"KBG40ZNV256G KIOXIA",256052966400,,0,512"SPCC M.2 PCIe SSD",16483,"SPCC M.2 PCIe SSD",256052966400,5940,1,512"SPCC Solid State Disk ATA Device",18400,"SPCC Solid State",256052966400,,1,512"SPCC Solid State SCSI Disk Device",1840
2024-10-02 15:50:14 UTC	8192	IN	Data Raw: 31 54 42 22 2c 32 39 36 35 35 2c 22 57 44 20 47 72 65 65 6e 20 53 4e 33 35 30 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 57 44 20 47 72 65 65 6e 20 53 4e 33 35 30 20 31 54 42 20 32 47 30 43 22 2c 32 39 36 35 35 2c 22 57 44 20 47 72 65 65 6e 20 53 4e 33 35 30 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 57 44 20 42 6c 75 65 20 53 4e 35 38 30 20 31 54 42 22 2c 33 35 33 34 36 2c 22 57 44 20 42 6c 75 65 20 53 4e 35 38 30 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 32 38 30 2c 2c 31 2c 35 31 32 0a 22 4e 56 4d 65 20 57 44 20 42 6c 75 65 20 53 4e 35 38 30 20 31 54 42 22 2c 33 35 33 34 36 2c 22 57 44 20 42 6c 75 65 20 53 4e 35 38 30 20 31 54 42 22 2c 31 30 30 30 32 30 32 32 37 33 Data Ascii: 1TB",29655,"WD Green SN350 1TB",1000202273280,,1,512"WD Green SN350 1TB 2G0C",29655,"WD Green SN350 1TB",1000202273280,,1,512"WD Blue SN580 1TB",35346,"WD Blue SN580 1TB",1000202273280,,1,512"NVMe WD Blue SN580 1TB",35346,"WD Blue SN580 1TB",1000202273
2024-10-02 15:50:14 UTC	8192	IN	Data Raw: 47 22 2c 33 31 31 30 33 2c 22 57 44 20 50 43 20 53 4e 38 31 30 20 53 44 43 50 4e 52 59 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 57 44 20 50 43 20 53 4e 38 31 30 20 53 44 43 50 4e 52 59 2d 35 31 32 47 2d 31 31 30 31 22 2c 33 31 31 30 33 2c 22 57 44 20 50 43 20 53 4e 38 31 30 20 53 44 43 50 4e 52 59 20 35 31 32 47 42 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 4d 69 63 72 6f 6e 20 4d 54 46 44 48 42 41 35 31 32 51 46 44 22 2c 32 37 39 37 30 2c 22 4d 69 63 72 6f 6e 20 4d 54 46 44 48 42 41 35 31 32 51 46 44 22 2c 35 31 32 31 30 35 39 33 32 38 30 30 2c 2c 31 2c 35 31 32 0a 22 41 44 41 54 41 20 53 55 38 30 30 22 2c 31 32 38 38 39 2c 22 41 44 41 54 41 20 53 55 38 30 30 20 53 53 44 20 32 35 36 Data Ascii: G",31103,"WD PC SN810 SDCPNRY 512GB",512105932800,,1,512"WD PC SN810 SDCPNRY-512G-1101",31103,"WD PC SN810 SDCPNRY 512GB",512105932800,,1,512"Micron MTFDHBA512QFD",27970,"Micron MTFDHBA512QFD",512105932800,,1,512"ADATA SU800",12889,"ADATA SU800 SSD 256
2024-10-02 15:50:14 UTC	56	IN	Data Raw: 44 65 76 69 63 65 22 2c 31 37 33 30 39 2c 22 53 61 6d 73 75 6e 67 20 53 53 44 20 38 34 30 20 53 65 72 69 65 73 22 2c 32 35 30 30 35 36 37 33 37 32 38 30 2c 2c 31 2c 35 Data Ascii: Device",17309,"Samsung SSD 840 Series",250056737280,,1,5

Target ID:	0
Start time:	11:48:54
Start date:	02/10/2024
Path:	C:\Users\user\Desktop\petst.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\petst.exe"
Imagebase:	0x400000
File size:	83'004'160 bytes
MD5 hash:	2ED275F10D8631382B8339E77E686261
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	Borland Delphi
Reputation:	low
Has exited:	true

Target ID:	3
Start time:	11:49:43
Start date:	02/10/2024
Path:	C:\Users\user\AppData\Local\Temp\is-2T6FH.tmp\_isetup\_setup64.tmp
Wow64 process (32bit):	false
Commandline:	helper 105 0x4D8
Imagebase:	0x140000000
File size:	6'144 bytes
MD5 hash:	E4211D6D009757C078A9FAC7FF4F03D4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	6
Start time:	11:49:48
Start date:	02/10/2024
Path:	C:\Program Files\PerformanceTest\PerformanceTest64.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\PerformanceTest\PerformanceTest64.exe" /l en
Imagebase:	0x140000000
File size:	58'993'504 bytes
MD5 hash:	EBE5F6D02582E010284354194E233C3C
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Execution Coverage:	56.4%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	33.3%
Total number of Nodes:	33
Total number of Limit Nodes:	5

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre