| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\unins000.dat |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-T3LL6.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-N1RJR.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-90QTD.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-9S6UH.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-60OQA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-Q06KG.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-4UBD0.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-JUPDN.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-61TCG.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-GPEEL.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-16U2M.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-GINL4.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-DDOOI.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-A4CDV.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-EETEA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-403QA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-EN29E.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-59RLE.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-0G7IL.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-HHQ3U.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-MUG6F.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-JDBOV.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-4RT0N.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-ICVVQ.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-ECMKE.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-8VMPU.tmp |
Jump to behavior |
| Source: is-EN29E.tmp.2.dr |
String found in binary or memory: http://cknotes.com/chilkat-charsets-character-encodings-supported/. |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0# |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0# |
| Source: is-HHQ3U.tmp.2.dr |
String found in binary or memory: http://limagito.com/file-mover-downloads/) |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://ocsp.comodoca.com0 |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://ocsp.sectigo.com0 |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://pngdelphi.sourceforge.net |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://synedit.sourceforge.net |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: http://www.ImageEn.com0 |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006C4000.00000004.00000020.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.IndyProject.org/ |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0 |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Digitized |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoLight |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoMedium |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlLicensed |
| Source: is-EN29E.tmp.2.dr |
String found in binary or memory: http://www.delphibasics.co.uk |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.indyproject.org/License/BSD.EN.aspx |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2484043196.000000007FCE0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000003.2483425940.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000000.2485172609.0000000000401000.00000020.00000001.01000000.0000000A.sdmp, FMSoft_uniGUI_runtime.tmp.7.dr |
String found in binary or memory: http://www.innosetup.com/ |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000000.2482118134.0000000000401000.00000020.00000001.01000000.00000009.sdmp, is-PVQ3N.tmp.2.dr |
String found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006E40000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.mindworkshop.com |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2484043196.000000007FCE0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000003.2483425940.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000000.2485172609.0000000000401000.00000020.00000001.01000000.0000000A.sdmp, FMSoft_uniGUI_runtime.tmp.7.dr |
String found in binary or memory: http://www.remobjects.com/ps |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006710000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.sencha.com/ |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006710000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.sencha.com/contact |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006710000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.sencha.com/contact. |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006710000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.sencha.com/legal/sencha-software-license-agreement |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.tmedia.de |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.000000000246A000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.unigui.com/ |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.unigui.com/( |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.00000000079C4000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://fontawesome.com |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.00000000079C4000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://fontawesome.com/license/free |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.00000000079C4000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://fontawesome.comhttps://fontawesome.comFont |
| Source: FMSoft_uniGUI_runtime.exe, 00000007.00000003.2482792717.00000000023D0000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.exe, 00000007.00000002.3246726029.000000000221F000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3249280063.00000000023D8000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3246836581.00000000006AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/MahdiSafsafi/delphi-detours-library |
| Source: FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000007EF7000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.00000000079C4000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.00000000073F4000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006710000.00000004.00001000.00020000.00000000.sdmp, FMSoft_uniGUI_runtime.tmp, 00000008.00000002.3264763449.0000000006E40000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://icomoon.io/app |
| Source: setup.limagitox.x64.snap (1).exe |
String found in binary or memory: https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU |
| Source: is-HHQ3U.tmp.2.dr |
String found in binary or memory: https://limagito.com/file-mover-downloads/) |
| Source: is-GINL4.tmp.2.dr |
String found in binary or memory: https://sectigo.com/CPS0 |
| Source: is-9S6UH.tmp.2.dr |
String found in binary or memory: https://www.eurekalog.com/support.php?department= |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000003.1990860244.0000000002700000.00000004.00001000.00020000.00000000.sdmp, setup.limagitox.x64.snap (1).exe, 00000000.00000003.1991253077.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, setup.limagitox.x64.snap (1).tmp, 00000002.00000000.1992936640.0000000000401000.00000020.00000001.01000000.00000004.sdmp |
String found in binary or memory: https://www.innosetup.com/ |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000003.1990860244.0000000002700000.00000004.00001000.00020000.00000000.sdmp, setup.limagitox.x64.snap (1).exe, 00000000.00000003.1991253077.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, setup.limagitox.x64.snap (1).tmp, 00000002.00000000.1992936640.0000000000401000.00000020.00000001.01000000.00000004.sdmp |
String found in binary or memory: https://www.remobjects.com/ps |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000003.1990860244.00000000027F8000.00000004.00001000.00020000.00000000.sdmp |
Binary or memory string: OriginalFileName vs setup.limagitox.x64.snap (1).exe |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000002.3246871457.0000000000BD8000.00000004.00001000.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenamekernel32j% vs setup.limagitox.x64.snap (1).exe |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000000.1989358182.00000000004C6000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFileName vs setup.limagitox.x64.snap (1).exe |
| Source: setup.limagitox.x64.snap (1).exe, 00000000.00000003.1991253077.000000007FE35000.00000004.00001000.00020000.00000000.sdmp |
Binary or memory string: OriginalFileName vs setup.limagitox.x64.snap (1).exe |
| Source: setup.limagitox.x64.snap (1).exe |
Binary or memory string: OriginalFileName vs setup.limagitox.x64.snap (1).exe |
| Source: setup.limagitox.x64.snap (1).tmp.0.dr |
Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows |
| Source: is-T3LL6.tmp.2.dr |
Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows |
| Source: is-N1RJR.tmp.2.dr |
Static PE information: Resource name: RT_RCDATA type: Zip archive data, at least v2.0 to extract, compression method=deflate |
| Source: is-N1RJR.tmp.2.dr |
Static PE information: Resource name: RT_RCDATA type: Zip archive data, at least v2.0 to extract, compression method=deflate |
| Source: is-90QTD.tmp.2.dr |
Static PE information: Resource name: RT_RCDATA type: Zip archive data, at least v2.0 to extract, compression method=deflate |
| Source: is-90QTD.tmp.2.dr |
Static PE information: Resource name: RT_RCDATA type: Zip archive data, at least v2.0 to extract, compression method=deflate |
| Source: FMSoft_uniGUI_runtime.tmp.7.dr |
Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows |
| Source: FMSoft_uniGUI_runtime.tmp.7.dr |
Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows |
| Source: unknown |
Process created: C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe |
|
| Source: C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe |
Process created: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp "C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp" /SL5="$10486,95606558,832512,C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe" |
|
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process created: C:\Users\user\AppData\Local\Temp\is-0CRSG.tmp\_isetup\_setup64.tmp helper 105 0x460 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-0CRSG.tmp\_isetup\_setup64.tmp |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process created: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
|
| Source: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
Process created: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp "C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp" /SL5="$60086,8323918,421376,C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe" |
|
| Source: C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe |
Process created: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp "C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp" /SL5="$10486,95606558,832512,C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe" |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process created: C:\Users\user\AppData\Local\Temp\is-0CRSG.tmp\_isetup\_setup64.tmp helper 105 0x460 |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process created: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
Jump to behavior |
| Source: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
Process created: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp "C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp" /SL5="$60086,8323918,421376,C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe" |
Jump to behavior |
| Source: LimagitoX File Mover Remote.lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\LimagitoXR.exe |
| Source: LimagitoX File Mover Config.lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\LimagitoXC.exe |
| Source: Intro pdf.lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\IntroXFM.pdf |
| Source: Installation pdf.lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\InstallationXFM.pdf |
| Source: Help pdf.lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\Help.pdf |
| Source: Uninstall LimagitoX File Mover (x64).lnk.2.dr |
LNK file: ..\..\..\..\..\..\Program Files\LimagitoX File Mover\unins000.exe |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Install |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: Next |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Install |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: I accept the agreement |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Automated click: Next > |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\unins000.dat |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-T3LL6.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-N1RJR.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-90QTD.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-9S6UH.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-60OQA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-Q06KG.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-4UBD0.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-JUPDN.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-61TCG.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-GPEEL.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-16U2M.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-GINL4.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-DDOOI.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-A4CDV.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-EETEA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-403QA.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-EN29E.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-59RLE.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-0G7IL.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-HHQ3U.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-MUG6F.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-JDBOV.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-4RT0N.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-ICVVQ.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-ECMKE.tmp |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Directory created: C:\Program Files\LimagitoX File Mover\is-8VMPU.tmp |
Jump to behavior |
| Source: setup.limagitox.x64.snap (1).exe |
Static PE information: section name: .didata |
| Source: setup.limagitox.x64.snap (1).tmp.0.dr |
Static PE information: section name: .didata |
| Source: is-T3LL6.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-N1RJR.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-90QTD.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-9S6UH.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-60OQA.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-Q06KG.tmp.2.dr |
Static PE information: section name: .didata |
| Source: is-4UBD0.tmp.2.dr |
Static PE information: section name: .rodata |
| Source: is-4UBD0.tmp.2.dr |
Static PE information: section name: .xdata |
| Source: is-16U2M.tmp.2.dr |
Static PE information: section name: .00cfg |
| Source: is-16U2M.tmp.2.dr |
Static PE information: section name: .gxfg |
| Source: is-16U2M.tmp.2.dr |
Static PE information: section name: .retplne |
| Source: is-16U2M.tmp.2.dr |
Static PE information: section name: _RDATA |
| Source: is-16U2M.tmp.2.dr |
Static PE information: section name: malloc_h |
| Source: is-GINL4.tmp.2.dr |
Static PE information: section name: _RDATA |
| Source: is-4RT0N.tmp.2.dr |
Static PE information: section name: .didata |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-4UBD0.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\LimagitoX\ExtJS\is-PVQ3N.tmp |
Jump to dropped file |
| Source: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
File created: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-JUPDN.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-16U2M.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-Q06KG.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-T3LL6.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-60OQA.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-90QTD.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Users\user\AppData\Local\Temp\is-0CRSG.tmp\_isetup\_setup64.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-61TCG.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-9S6UH.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-4RT0N.tmp |
Jump to dropped file |
| Source: C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe |
File created: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-N1RJR.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: (copy) |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-GPEEL.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\Program Files\LimagitoX File Mover\is-GINL4.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64) |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\LimagitoX File Mover Remote.lnk |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\LimagitoX File Mover Config.lnk |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\Intro pdf.lnk |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\Installation pdf.lnk |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\Help pdf.lnk |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimagitoX File Mover (x64)\Uninstall LimagitoX File Mover (x64).lnk |
Jump to behavior |
| Source: C:\Users\user\Desktop\setup.limagitox.x64.snap (1).exe |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\ProgramData\LimagitoX\ExtJS\FMSoft_uniGUI_runtime.exe |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-EC44H.tmp\FMSoft_uniGUI_runtime.tmp |
Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-4UBD0.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-JUPDN.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-16U2M.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-Q06KG.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-60OQA.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-T3LL6.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-90QTD.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-61TCG.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-9S6UH.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-4RT0N.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-N1RJR.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: (copy) |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-GPEEL.tmp |
Jump to dropped file |
| Source: C:\Users\user\AppData\Local\Temp\is-SQ53H.tmp\setup.limagitox.x64.snap (1).tmp |
Dropped PE file which has not been started: C:\Program Files\LimagitoX File Mover\is-GINL4.tmp |
Jump to dropped file |
