Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: file.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0 |
Source: file.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: file.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://code.google.com/p/v8/wiki/DebuggerProtocol |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl.globalsign.com/gs/gstimestampingg2.crl0T |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl.globalsign.net/root.crl0 |
Source: file.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O |
Source: file.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: file.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05 |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://daniel.haxx.se/blog/2011/02/21/localhost-hack-on-windows/ |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://foo.com |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488521547.0000000027A08000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://invisible-island.net/xterm/ctlseqs/ctlseqs.html |
Source: ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://mathiasbynens.be/notes/javascript-encoding |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://mths.be/punycode |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488521547.0000000027A08000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://narwhaljs.org) |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://nodejs.org/ |
Source: file.exe |
String found in binary or memory: http://ocsp.digicert.com0A |
Source: file.exe, fopholde.exe.2.dr |
String found in binary or memory: http://ocsp.digicert.com0C |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://ocsp.digicert.com0N |
Source: file.exe |
String found in binary or memory: http://ocsp.digicert.com0X |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://pod.tst.eu/http://cvs.schmorp.de/libev/ev.pod#Be_smart_about_timeouts |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://secure.globalsign.com/cacert/gstimestampingg2.crt0 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488165504.0000000014208000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://stackoverflow.com/a/5501711/3561 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://tools.ietf.org/html/rfc3492#section-3.4 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488521547.0000000027A08000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://wiki.commonjs.org/wiki/Unit_Testing/1.0 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://www.3waylabs.com/nw/WWW/products/wizcon/vt220.html |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://www.ecma-international.org/publications/standards/Ecma-262.htm) |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://www.midnight-commander.org/browser/lib/tty/key.c |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr |
String found in binary or memory: http://www.openssl.org/support/faq.html |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: http://www.squid-cache.org/Doc/config/half_closed_clients/ |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=25916 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488165504.0000000014208000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://codereview.chromium.org/121173009/ |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/antirez/linenoise |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488521547.0000000027A08000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/isaacs/readable-stream/issues/16 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1488521547.0000000027A08000.00000004.00001000.00020000.00000000.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/joyent/node/issues/1707 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/joyent/node/issues/1726 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/joyent/node/issues/2631 |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://github.com/joyent/node/issues/3295. |
Source: fopholde.exe, 00000004.00000000.1460684596.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe, 00000004.00000002.1485725540.0000000001262000.00000002.00000001.01000000.00000004.sdmp, fopholde.exe.2.dr, ekkmphakhofqv.iiun.0.dr |
String found in binary or memory: https://groups.google.com/forum/?pli=1# |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: https://www.digicert.com/CPS0 |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: file.exe, 00000000.00000003.1457042277.0000000005250000.00000004.00000020.00020000.00000000.sdmp, fopholde.exe.2.dr |
String found in binary or memory: https://www.globalsign.com/repository/03 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00D53D86 |
0_2_00D53D86 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00D538C7 |
0_2_00D538C7 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00D55F17 |
0_2_00D55F17 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_00FAF450 |
4_2_00FAF450 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103FF30 |
4_2_0103FF30 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0125513D |
4_2_0125513D |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_00F501D0 |
4_2_00F501D0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_011D00A0 |
4_2_011D00A0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0106B300 |
4_2_0106B300 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_011CF300 |
4_2_011CF300 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_010B3240 |
4_2_010B3240 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_011DAAB0 |
4_2_011DAAB0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0111EAC0 |
4_2_0111EAC0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01123C10 |
4_2_01123C10 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01247C3B |
4_2_01247C3B |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103F710 |
4_2_0103F710 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_011DA7E0 |
4_2_011DA7E0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_00F6B750 |
4_2_00F6B750 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660EE29 |
4_2_0660EE29 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660B607 |
4_2_0660B607 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660BE1F |
4_2_0660BE1F |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660CF3F |
4_2_0660CF3F |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660C707 |
4_2_0660C707 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_066137BB |
4_2_066137BB |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_06637422 |
4_2_06637422 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660CCC5 |
4_2_0660CCC5 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660D4DF |
4_2_0660D4DF |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_06613545 |
4_2_06613545 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660DD01 |
4_2_0660DD01 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660E5E6 |
4_2_0660E5E6 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660A5C6 |
4_2_0660A5C6 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660ADDF |
4_2_0660ADDF |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660D267 |
4_2_0660D267 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660E2BC |
4_2_0660E2BC |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660DA82 |
4_2_0660DA82 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660AB65 |
4_2_0660AB65 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660C3C9 |
4_2_0660C3C9 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660BBA2 |
4_2_0660BBA2 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660EBA7 |
4_2_0660EBA7 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660E866 |
4_2_0660E866 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660B87F |
4_2_0660B87F |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660E044 |
4_2_0660E044 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660A838 |
4_2_0660A838 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660C147 |
4_2_0660C147 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0660C98D |
4_2_0660C98D |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_2F813E66 |
4_2_2F813E66 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_2F8140DC |
4_2_2F8140DC |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: aclayers.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: sfc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: cabinet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: feclient.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: advpack.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: aclayers.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: sfc.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\cmd.exe |
Section loaded: cmdext.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: aclayers.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: sfc.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: winmm.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: napinsp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: pnrpnsp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: wshbth.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: nlaapi.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: winrnr.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: netapi32.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: wkscli.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Section loaded: perfos.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104A1B0 uv_pipe_bind,WaitNamedPipeW,WaitNamedPipeW,GetLastError,GetLastError,GetLastError,PostQueuedCompletionStatus,GetLastError,uv_pipe_connect,GetLastError,WaitNamedPipeW,MultiByteToWideChar, |
4_2_0104A1B0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_010509D0 uv_udp_set_ttl,uv_udp_bind,setsockopt,WSAGetLastError, |
4_2_010509D0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0106A1F0 ?SetDebugEventListener2@Debug@v8@@SA_NP6AXABVEventDetails@12@@ZV?$Handle@VValue@v8@@@2@@Z, |
4_2_0106A1F0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0106A040 ?SetDebugEventListener@Debug@v8@@SA_NP6AXW4DebugEvent@2@V?$Handle@VObject@v8@@@2@1V?$Handle@VValue@v8@@@2@@Z2@Z, |
4_2_0106A040 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050890 uv_udp_set_broadcast,uv_udp_bind,setsockopt,WSAGetLastError, |
4_2_01050890 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050300 uv_udp_bind6, |
4_2_01050300 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050B30 uv_udp_set_multicast_loop,uv_udp_bind,setsockopt,WSAGetLastError, |
4_2_01050B30 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01068370 ?AddMessageListener@V8@v8@@SA_NP6AXV?$Handle@VMessage@v8@@@2@V?$Handle@VValue@v8@@@2@@Z1@Z, |
4_2_01068370 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0106A3A0 ?SetDebugEventListener@Debug@v8@@SA_NV?$Handle@VObject@v8@@@2@V?$Handle@VValue@v8@@@2@@Z, |
4_2_0106A3A0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_010493C0 uv_listen, |
4_2_010493C0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104FBE0 socket,closesocket,setsockopt,bind,WSAGetLastError, |
4_2_0104FBE0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050260 uv_udp_bind, |
4_2_01050260 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050A80 uv_udp_set_multicast_ttl,uv_udp_bind,setsockopt,WSAGetLastError, |
4_2_01050A80 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104E2C0 uv_tcp_bind,GetLastError,WSAGetLastError, |
4_2_0104E2C0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104E510 uv_tcp_bind6,GetLastError,WSAGetLastError, |
4_2_0104E510 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01068540 ?RemoveMessageListeners@V8@v8@@SAXP6AXV?$Handle@VMessage@v8@@@2@V?$Handle@VValue@v8@@@2@@Z@Z, |
4_2_01068540 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103BDB0 uv_tcp_bind, |
4_2_0103BDB0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104FCD0 socket,WSAGetLastError,closesocket,setsockopt,bind, |
4_2_0104FCD0 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103BF40 uv_udp_bind6, |
4_2_0103BF40 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0104FF40 uv_udp_bind, |
4_2_0104FF40 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_01050790 uv_udp_set_membership,uv_udp_bind,inet_addr,inet_addr,htonl,inet_addr,setsockopt,WSAGetLastError, |
4_2_01050790 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103BE30 uv_tcp_bind6, |
4_2_0103BE30 |
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\fopholde.exe |
Code function: 4_2_0103BEC0 uv_udp_bind, |
4_2_0103BEC0 |