Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

AssinadorSERPRO4.2.1.exe

PE32 executable (GUI) Intel 80386, for MS Windows

initial sample

C:\Users\user\AppData\Local\Temp\is-G5SH8.tmp\AssinadorSERPRO4.2.1.tmp

PE32 executable (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\System32\drivers\etc\hosts

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\exec_assinador.vbs (copy)

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\is-H7AJR.tmp

PE32 executable (GUI) Intel 80386, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\is-HJ5PV.tmp

MS Windows icon resource - 5 icons, -128x-128, 32 bits/pixel, 64x64, 32 bits/pixel

dropped

C:\Program Files (x86)\Assinador Serpro\is-NRP4L.tmp

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\is-UG670.tmp

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\ASSEMBLY_EXCEPTION (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\LICENSE (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\NOTICE (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\THIRD_PARTY_README (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\JAWTAccessBridge-64.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\JavaAccessBridge-64.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\WindowsAccessBridge-64.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-console-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-datetime-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-debug-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-errorhandling-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-file-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-file-l1-2-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-file-l2-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-handle-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-heap-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-interlocked-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-libraryloader-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-louserzation-l1-2-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-memory-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-namedpipe-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-processenvironment-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-processthreads-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-processthreads-l1-1-1.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-profile-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-rtlsupport-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-string-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-synch-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-synch-l1-2-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-sysinfo-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-timezone-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-core-util-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-conio-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-convert-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-environment-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-filesystem-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-heap-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-locale-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-math-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-multibyte-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-private-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-process-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-runtime-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-stdio-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-string-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-time-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\api-ms-win-crt-utility-l1-1-0.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\awt.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\dt_shmem.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\dt_socket.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\fontmanager.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\freetype.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\hprof.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\instrument.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-01H0Q.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-01RFL.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-05H4F.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-09CJA.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-0AG0G.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-0FRDG.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-10OLF.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-1ALVR.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-1IJQ7.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-1JMGM.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-25BJG.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-2DK9J.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-2NCVF.tmp

PE32+ executable (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-3I9DQ.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-3J32U.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-3T80T.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-4JADI.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-4QBC6.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-56QU2.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-5H0MR.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-5N2EU.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-5U0UB.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-6B2QA.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-6DLEF.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-6FDNH.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-6LQVP.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-6NL6V.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-78UBE.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-7JMGO.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-887EF.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-8F6MN.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-8M4L2.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-8MMU9.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-8ODLA.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-99ACV.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-A46E8.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-AC0HS.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-AFCS8.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-BFO2D.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-BOVJV.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-BT0P2.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-BVU5T.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-C590F.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-CJ5UM.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-D539J.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-DBUN7.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-DD3A8.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-DNUF6.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-DO2AE.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-EF0BV.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-EJ953.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-ENIQA.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-EUKS1.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-F1GE4.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-F4VN5.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-FNLIE.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-GUPA5.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-H33V2.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-H8MPO.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-I8C2B.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-IEKPD.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-IFBPV.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-K0V24.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-K53A2.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-KAEOJ.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-KGEMT.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-L17U6.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-L5OQ2.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-L743D.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-LSTAI.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-M1KOG.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-MJ6DM.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-MU9AM.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-N4TT0.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-N84RS.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-NGC4I.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-OL5NS.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-P491O.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-P6SNU.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-PFDTF.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-PLPD7.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-PNU6A.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-QDLN8.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-RTLRN.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SCE81.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SCSGE.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SLDRF.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SM665.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SMM8F.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-SS22L.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-TFA31.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-UC0I6.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-UKEO8.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-UODOD.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-UTBVU.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-UTT8O.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\is-VAQMU.tmp

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\j2gss.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\j2pcsc.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\j2pkcs11.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jaas_nt.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jabswitch.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\java-rmi.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\java.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\java.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\java_crw_demo.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\javaw.exe (copy)

PE32+ executable (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jawt.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jdwp.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jjs.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jli.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jpeg.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jsdt.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jsound.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\jsoundds.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\keytool.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\kinit.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\klist.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\ktab.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\lcms.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\management.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\mlib_image.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\msvcp140.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\net.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\nio.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\npt.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\orbd.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\pack200.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\policytool.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\rmid.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\rmiregistry.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\server\Xusage.txt (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\server\is-QR7BT.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\server\is-SSSB6.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\server\jvm.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\servertool.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\splashscreen.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\sspi_bridge.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\sunec.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\sunmscapi.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\tnameserv.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\ucrtbase.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\unpack.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\unpack200.exe (copy)

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\vcruntime140.dll (copy)

PE32+ executable (DLL) (console) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\verify.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\w2k_lsa_auth.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\bin\zip.dll (copy)

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files (x86)\Assinador Serpro\java\is-44MK3.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\is-5IGLK.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\is-91T0C.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\is-ELKHC.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\is-S8CCK.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\accessibility.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\amd64\is-M1O3F.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\amd64\jvm.cfg (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\calendars.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\charsets.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\classlist (copy)

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\CIEXYZ.pf (copy)

Microsoft color profile 2.3, type lcms, XYZ/XYZ-abst device by lcms, 784 bytes, 28-12-2006 18:07:22, no copyright tag "lcms XYZ identity"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\GRAY.pf (copy)

Microsoft color profile 2.3, type lcms, GRAY/XYZ-mntr device by lcms, 556 bytes, 28-12-2006 18:07:22, no copyright tag "lcms gray virtual profile"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\LINEAR_RGB.pf (copy)

ColorSync color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 488 bytes, 28-3-2008 14:24:37, transparent, relative colorimetric "linear sRGB"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\PYCC.pf (copy)

ColorSync color profile 4.0, type lcms, 3CLR/XYZ-spac device by lcms, 234080 bytes, 10-4-2008 10:24:22, transparent, relative colorimetric, 0xf0e75c55d21e4d8c MD5 'PYCC from PCD 045'

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\is-76DOE.tmp

Microsoft color profile 2.3, type lcms, GRAY/XYZ-mntr device by lcms, 556 bytes, 28-12-2006 18:07:22, no copyright tag "lcms gray virtual profile"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\is-D6TKE.tmp

Microsoft color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 6876 bytes, 28-12-2006 18:07:22, no copyright tag "sRGB built-in"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\is-LQFBB.tmp

ColorSync color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 488 bytes, 28-3-2008 14:24:37, transparent, relative colorimetric "linear sRGB"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\is-N1DN5.tmp

ColorSync color profile 4.0, type lcms, 3CLR/XYZ-spac device by lcms, 234080 bytes, 10-4-2008 10:24:22, transparent, relative colorimetric, 0xf0e75c55d21e4d8c MD5 'PYCC from PCD 045'

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\is-OA173.tmp

Microsoft color profile 2.3, type lcms, XYZ/XYZ-abst device by lcms, 784 bytes, 28-12-2006 18:07:22, no copyright tag "lcms XYZ identity"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\cmm\sRGB.pf (copy)

Microsoft color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 6876 bytes, 28-12-2006 18:07:22, no copyright tag "sRGB built-in"

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\content-types.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\currency.data (copy)

data

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\access-bridge-64.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\cldrdata.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\dnsns.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-2QR1R.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-32KPE.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-39SFT.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-4OPEP.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-876UN.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-AQDI3.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-FVUN1.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-OCQSR.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-S5QAC.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-S7KNF.tmp

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-TDBPC.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\is-U7KLH.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\jaccess.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\localedata.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\meta-index (copy)

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\nashorn.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\sunec.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\sunjce_provider.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\sunmscapi.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\sunpkcs11.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\ext\zipfs.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\flavormap.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\fontconfig.bfc (copy)

raw G3 (Group 3) FAX

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\fontconfig.properties.src (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\hijrah-config-umalqura.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\cursors.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\invalid32x32.gif (copy)

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-2JA3H.tmp

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-81OC6.tmp

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-G59F3.tmp

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-GQ41E.tmp

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-HSEPB.tmp

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-PFHNB.tmp

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-RFTRK.tmp

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\is-TKOSJ.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_CopyDrop32x32.gif (copy)

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_CopyNoDrop32x32.gif (copy)

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_LinkDrop32x32.gif (copy)

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_LinkNoDrop32x32.gif (copy)

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_MoveDrop32x32.gif (copy)

GIF image data, version 89a, 31 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\images\cursors\win32_MoveNoDrop32x32.gif (copy)

GIF image data, version 89a, 32 x 32

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-1P3G3.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-26LTJ.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-35GUD.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-3KKH1.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-4SQEA.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-6M1QD.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-8I97L.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-8N19O.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-BHF3R.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-BU7LV.tmp

raw G3 (Group 3) FAX

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-C2GBO.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-DDFPA.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-DVVPP.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-E9MMC.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-GC0A6.tmp

Algol 68 source, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-GUJST.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-HGI0F.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-HKCJ1.tmp

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-IAG7M.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-NKFKO.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-NPPRU.tmp

data

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-NV99G.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-RAH82.tmp

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-THVH9.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\is-VVL33.tmp

data

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jce.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jfr.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jfr\default.jfc (copy)

XML 1.0 document, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jfr\is-67KNE.tmp

XML 1.0 document, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jfr\is-IPJDL.tmp

XML 1.0 document, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jfr\profile.jfc (copy)

XML 1.0 document, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jsse.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\jvm.hprof.txt (copy)

Algol 68 source, ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\logging.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management-agent.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\is-398JD.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\is-47LTL.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\is-E6971.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\is-V9K91.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\jmxremote.access (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\jmxremote.password.template (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\management.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\management\snmp.acl.template (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\meta-index (copy)

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\net.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\psfont.properties.ja (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\psfontj2d.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\resources.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\rt.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\blacklisted.certs (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\cacerts (copy)

Java KeyStore

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\is-0Q78G.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\is-8AM79.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\is-IK061.tmp

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\is-IM5O7.tmp

Java KeyStore

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\java.policy (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\java.security (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\limited\US_export_policy.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\limited\is-L85QQ.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\limited\is-QD2UM.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\limited\local_policy.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\unlimited\US_export_policy.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\unlimited\is-077TA.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\unlimited\is-C59EP.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\security\policy\unlimited\local_policy.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\sound.properties (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\tzdb.dat (copy)

data

dropped

C:\Program Files (x86)\Assinador Serpro\java\lib\tzmappings (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\java\release (copy)

ASCII text

dropped

C:\Program Files (x86)\Assinador Serpro\lib\is-6OO1M.tmp

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\lib\serpro-signer-4.2.1.jar (copy)

Java archive data (JAR)

dropped

C:\Program Files (x86)\Assinador Serpro\serpro-signer.ico (copy)

MS Windows icon resource - 5 icons, -128x-128, 32 bits/pixel, 64x64, 32 bits/pixel

dropped

C:\Program Files (x86)\Assinador Serpro\signerDesktopAgent.bat (copy)

ASCII text, with CRLF line terminators

dropped

C:\Program Files (x86)\Assinador Serpro\unins000.dat

InnoSetup Log Assinador SERPRO {4A283050-2DB0-4E39-BBDC-4DD835B8AA44}, version 0x418, 38925 bytes, 927537\37\user\376\, C:\Program Files (x86)\Assinador Serpro\37

modified

C:\Program Files (x86)\Assinador Serpro\unins000.exe (copy)

PE32 executable (GUI) Intel 80386, for MS Windows

dropped

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assinador SERPRO\Assinador SERPRO.lnk

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Feb 21 19:18:26 2024, mtime=Wed Feb 21 19:18:26 2024, atime=Fri Dec 1 08:36:02 2023, length=130, window=hide

dropped

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assinador SERPRO\Uninstall Assinador SERPRO.lnk

MS Windows shortcut, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide

dropped

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Assinador SERPRO.lnk

dropped

C:\Users\user\AppData\Local\Temp\is-ML15H.tmp\_isetup\_setup64.tmp

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Users\user\Desktop\Assinador SERPRO.lnk

dropped

There are 347 hidden files, click here to show them.

Processes

Path

Cmdline

Malicious

C:\Users\user\AppData\Local\Temp\is-G5SH8.tmp\AssinadorSERPRO4.2.1.tmp

"C:\Users\user\AppData\Local\Temp\is-G5SH8.tmp\AssinadorSERPRO4.2.1.tmp" /SL5="$50374,52794110,876032,C:\Users\user\Desktop\AssinadorSERPRO4.2.1.exe"

Details

Is windows:	false
Is dropped:	true
PID:	4508
Target ID:	2
Parent PID:	4796
Name:	AssinadorSERPRO4.2.1.tmp
Path:	C:\Users\user\AppData\Local\Temp\is-G5SH8.tmp\AssinadorSERPRO4.2.1.tmp
Commandline:	"C:\Users\user\AppData\Local\Temp\is-G5SH8.tmp\AssinadorSERPRO4.2.1.tmp" /SL5="$50374,52794110,876032,C:\Users\user\Desktop\AssinadorSERPRO4.2.1.exe"
Size:	3212288
MD5:	A769168BAF50492809461689FBB8F08D
Time:	21:17:58
Date:	21/02/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x400000
Modulesize:	3272704
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Sigma detected: Startup Folder File Write	System Summary
Spawns processes	System Summary	Process Injection

C:\Users\user\Desktop\AssinadorSERPRO4.2.1.exe

Details

Is windows:	false
Is dropped:	false
PID:	4796
Target ID:	0
Parent PID:	4380
Name:	AssinadorSERPRO4.2.1.exe
Path:	C:\Users\user\Desktop\AssinadorSERPRO4.2.1.exe
Commandline:	C:\Users\user\Desktop\AssinadorSERPRO4.2.1.exe
Size:	53673032
MD5:	E23DBA0669F1825C4B8DD709984DE72D
Time:	21:17:57
Date:	21/02/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x400000
Modulesize:	929792
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
PE file contains sections with non-standard names	Data Obfuscation
Sample file is different than original file name gathered from version info	System Summary
Uses 32bit PE files	Compliance, System Summary
Sample might require command line arguments	System Summary	Command and Scripting Interpreter
Sample reads its own file content	System Summary
Spawns processes	System Summary	Process Injection
URLs found in memory or binary data	Networking
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE / OLE file has a valid certificate	Compliance, System Summary
Submission file is bigger than most known malware samples	System Summary

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Details

Is windows:	true
Is dropped:	false
PID:	7056
Target ID:	16
Parent PID:	804
Name:	rundll32.exe
Class:	rundll32
Path:	C:\Windows\System32\rundll32.exe
Commandline:	C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Size:	71680
MD5:	EF3179D498793BF4234F708D3BE28633
Time:	21:19:15
Date:	21/02/2024
Reason:	newprocess
Reputation:	high
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff77bd90000
Modulesize:	94208
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Runs a DLL by calling functions	System Summary	Rundll32
Spawns processes	System Summary	Process Injection

C:\Windows\System32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

Details

Is windows:	true
Is dropped:	false
PID:	4888
Target ID:	17
Parent PID:	804
Name:	OpenWith.exe
Path:	C:\Windows\System32\OpenWith.exe
Commandline:	C:\Windows\system32\OpenWith.exe -Embedding
Size:	123984
MD5:	E4A834784FA08C17D47A1E72429C5109
Time:	21:19:46
Date:	21/02/2024
Reason:	newprocess
Reputation:	moderate
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff6ee240000
Modulesize:	139264
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Windows\System32\notepad.exe

"C:\Windows\system32\NOTEPAD.EXE" C:\Windows\System32\drivers\etc\hosts

Details

Is windows:	true
Is dropped:	false
PID:	5744
Target ID:	18
Parent PID:	4888
Name:	notepad.exe
Path:	C:\Windows\System32\notepad.exe
Commandline:	"C:\Windows\system32\NOTEPAD.EXE" C:\Windows\System32\drivers\etc\hosts
Size:	201216
MD5:	27F71B12CB585541885A31BE22F61C83
Time:	21:19:51
Date:	21/02/2024
Reason:	newprocess
Reputation:	moderate
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff7cda80000
Modulesize:	229376
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

http://apache.org/xml/features/validation/schema/augment-psvi

unknown

http://apache.org/xml/properties/input-buffer-size

unknown

http://www.sun.com/xml/sax-events

unknown

http://java.sun.com/xml/ns/jdbc

unknown

http://schemas.xmlsoap.org/ws/2004/09/policy/optimizedmimeserialization

unknown

http://apache.org/xml/properties/internal/entity-manager

unknown

http://apache.org/xml/features/internal/parser-settings

unknown

http://apache.org/xml/features/dom/include-ignorable-whitespace

unknown

http://java.sun.com/xml/ns/wsit/policy

unknown

https://www.apache.org/licenses/LICENSE-2.0

unknown

http://java.sun.com/xml/stream/properties/implementation-name

unknown

http://xmlns.oracle.com/webservices/jaxws-databinding

unknown

https://www.slf4j.org/license.html

unknown

http://java.sun.com/xml/dom/properties/

unknown

http://schemas.xmlsoap.org/wsdl/soap/http?mtom=true

unknown

http://apache.org/xml/properties/internal/stax-entity-resolver

unknown

http://www.kymoto.orgSobre

unknown

http://apache.org/xml/features/validation

unknown

https://tutorial.assinadorserpro.estaleir

unknown

http://schemas.xmlsoap.org/soap/http

unknown

http://xml.apache.org/xalan/psuedovar

unknown

http://xml.apache.org/xalan-j

unknown

http://apache.org/xml/features/xinclude/fixup-base-uris

unknown

https://www.remobjects.com/ps

unknown

http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation

unknown

http://apache.org/xml/properties/internal/error-reporter

unknown

https://www.innosetup.com/

unknown

http://java.sun.com/xml/ns/metro/management

unknown

http://xml.apache.org/xslt/java

unknown

http://apache.org/xml/features/include-comments

unknown

http://apache.org/xml/features/scanner/notify-char-refs

unknown

http://exslt.org/sets

unknown

http://serpro.gov.br/assinador-digital/legal

unknown

http://jvnet.org/fastinfoset/sax/properties/primitive-type-content-handler

unknown

http://wildsau.idv.uni-linz.ac.at/mfx/upx.html

unknown

http://xml.apache.org/xalan-j/faq.html

unknown

http://java.sun.com/xml/stream/properties/ignore-external-dtd

unknown

http://jaxb.dev.java.net/xjc/model

unknown

http://apache.org/xml/features/continue-after-fatal-error

unknown

http://apache.org/xml/features/standard-uri-conformant

unknown

http://apache.org/xml/properties/internal/document-scanner

unknown

http://java.sun.com/xml/ns/jaxws/client/selectOptimalEncoding

unknown

http://xml.apache.org/xalan/features/optimize

unknown

http://www.kymoto.orgAbout

unknown

http://exslt.org/common

unknown

http://java.sun.com/xml/ns/jaxws/fastinfoset

unknown

https://www.loja.serpro.gov.br/carimbodetempo.

unknown

http://exslt.org/dates-and-times

unknown

http://apache.org/xml/features/

unknown

http://apache.org/xml/features/generate-synthetic-annotations

unknown

http://www.kymoto.org

unknown

http://www.xfree86.org/)

unknown

http://xml.org/sax/features/allow-dtd-events-after-endDTD

unknown

http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service

unknown

http://www.unicode.org/cldr/data/.

unknown

http://apache.org/xml/features/internal/validation/schema/use-grammar-pool-only

unknown

http://jax-ws.java.net/features/serialization

unknown

http://www.kymoto.org&

unknown

http://xml.org/sax/features/string-interningfeature

unknown

http://xsl.lotus.com/java

unknown

http://schemas.xmlsoap.org/ws/2004/08/addressing

unknown

http://apache.org/xml/properties/internal/namespace-binder

unknown

http://www.oracle.com/xml/is-standalone

unknown

http://schemas.xmlsoap.org/wsdl/

unknown

http://javax.xml.transform.sax.SAXTransformerFactory/feature

unknown

http://javax.xml.XMLConstants/property/accessExternalStylesheet

unknown

http://xmlns.oracle.com/weblogic/weblogic-wsee-databinding

unknown

http://exslt.org/dynamic

unknown

http://xml.apache.org/xalan/java

unknown

http://apache.org/xml/properties/security-manager

unknown

http://java.sun.com/xml/dom/properties/ancestor-check

unknown

http://xml.apache.org/xslt

unknown

http://jaxb.dev.java.net/array

unknown

http://javax.xml.transform.stax.StAXResult/feature

unknown

http://jax-ws.dev.java.net/features/mime

unknown

http://exslt.org/strings

unknown

http://carimbodotempo.serpro.gov.br/act/)

unknown

http://www.freebxml.org/

unknown

http://apache.org/xml/features/namespaces

unknown

https://tutorial.assinadorserpro.estaleiro.serpro.gov.br

unknown

http://ocsp.sectigo.com0

unknown

http://jax-ws.dev.java.net/features/schema-validation

unknown

http://apache.org/xml/features/xinclude

unknown

http://apache.org/xml/features/validation/schema-full-checking

unknown

http://javax.xml.XMLConstants/property/

unknown

http://www.serpro.gov.br/assinador-digital/Vhttp://www.serpro.gov.br/assinador-digital/Vhttp://www.s

unknown

http://mozilla.org/MPL/2.0/.

unknown

http://apache.org/xml/properties/internal/grammar-pool

unknown

http://apache.org/xml/properties/locale

unknown

http://www.apache.org/).

unknown

http://java.sun.com/xml/stream/properties/reader-in-defined-state

unknown

http://jvnet.org/fastinfoset/serializer/feature/ignore/whiteSpaceTextContent

unknown

http://jax-ws.dev.java.net/addressing/input-action-not-set

unknown

http://www.oasis-open.org/committees/entity/release/1.0/catalog.xsd

unknown

http://relaxngcc.sf.net/).

unknown

http://apache.org/xml/features/allow-java-encodings

unknown

http://jax-ws.dev.java.net/features/binding

unknown

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd

unknown

http://tartarus.org/~martin/PorterStemmer

unknown

http://www.oracle.com/feature/use-service-mechanism

unknown

There are 90 hidden URLs, click here to show them.

Registry

Path

Value

Malicious

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

Owner

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

SessionHash

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

Sequence

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

RegFiles0000

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

RegFilesHash

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: Setup Version

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: App Path

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

InstallLocation

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: Icon Group

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: User

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: Selected Tasks

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: Deselected Tasks

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Inno Setup: Language

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

DisplayName

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

UninstallString

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

QuietUninstallString

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

DisplayVersion

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

Publisher

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

URLInfoAbout

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

HelpLink

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

URLUpdateInfo

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

NoModify

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

NoRepair

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

InstallDate

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

MajorVersion

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

MinorVersion

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

VersionMajor

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

VersionMinor

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1

EstimatedSize

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Windows\system32\mspaint.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Windows\system32\mspaint.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName

HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count

{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\abgrcnq.rkr

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count

HRZR_PGYFRFFVBA

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad

fWindowsOnlyEOL

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad

fPasteOriginalEOL

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad

fReverse

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad

fWrapAround

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad

fMatchCase

There are 44 hidden registries, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

14179083000

heap

page read and write

7B4000

heap

page read and write

141770F4000

heap

page read and write

233DF580000

heap

page read and write

7B4000

heap

page read and write

1417708B000

heap

page read and write

14178F15000

heap

page read and write

7B4000

heap

page read and write

14178F15000

heap

page read and write

CD0000

heap

page read and write

7B4000

heap

page read and write

2574000

direct allocation

page read and write

38C8000

direct allocation

page read and write

1417904F000

heap

page read and write

14179037000

heap

page read and write

14178F10000

heap

page read and write

7B4000

heap

page read and write

39B0000

heap

page read and write

7B4000

heap

page read and write

141770AD000

heap

page read and write

98B000

heap

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

14178F1D000

heap

page read and write

14178F0D000

heap

page read and write

14178F17000

heap

page read and write

14178F25000

heap

page read and write

14179064000

heap

page read and write

7B4000

heap

page read and write

251F000

direct allocation

page read and write

2336000

direct allocation

page read and write

7B4000

heap

page read and write

14178F0C000

heap

page read and write

14178EC1000

heap

page read and write

233DF680000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F21000

heap

page read and write

19D000

stack

page read and write

38B9000

direct allocation

page read and write

7B4000

heap

page read and write

23D5A046000

heap

page read and write

14178EE5000

heap

page read and write

14176FB0000

heap

page read and write

14178FBB000

heap

page read and write

14178F15000

heap

page read and write

1417904D000

heap

page read and write

7B4000

heap

page read and write

14178FFF000

heap

page read and write

2550000

direct allocation

page read and write

6E0000

unkown

page readonly

14178EF1000

heap

page read and write

1417711A000

heap

page read and write

14178EDB000

heap

page read and write

25DC000

direct allocation

page read and write

141770D8000

heap

page read and write

14178FE6000

heap

page read and write

14178FD8000

heap

page read and write

23D5A045000

heap

page read and write

3A70000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

1417902C000

heap

page read and write

7B4000

heap

page read and write

141770B4000

heap

page read and write

23D5A029000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

235A000

direct allocation

page read and write

1417904F000

heap

page read and write

14178F2A000

heap

page read and write

7B4000

heap

page read and write

141790A5000

heap

page read and write

7DF4E4BD1000

trusted library allocation

page execute read

6F4000

unkown

page readonly

20CAAFE000

stack

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14179068000

heap

page read and write

14178ED2000

heap

page read and write

3A70000

heap

page read and write

14178F02000

heap

page read and write

389B000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F04000

heap

page read and write

14178EE8000

heap

page read and write

14179041000

heap

page read and write

14178F0C000

heap

page read and write

14178F03000

heap

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

14179084000

heap

page read and write

14179043000

heap

page read and write

14178EF1000

heap

page read and write

14177028000

heap

page read and write

141770D7000

heap

page read and write

23D5B9E0000

heap

page read and write

7B4000

heap

page read and write

14178EE8000

heap

page read and write

7B4000

heap

page read and write

14179093000

heap

page read and write

90B000

heap

page read and write

256D000

direct allocation

page read and write

23D5BF10000

heap

page read and write

14178F07000

heap

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

93C000

heap

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

661D77E000

stack

page read and write

14179042000

heap

page read and write

23D5A065000

heap

page read and write

3B80000

heap

page read and write

7B0000

heap

page read and write

7B4000

heap

page read and write

1417903D000

heap

page read and write

141770DD000

heap

page read and write

7B4000

heap

page read and write

1417905D000

heap

page read and write

141770DE000

heap

page read and write

14178EFA000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

259A000

direct allocation

page read and write

7FB30000

direct allocation

page read and write

7B4000

heap

page read and write

14177098000

heap

page read and write

7B4000

heap

page read and write

14178ED8000

heap

page read and write

3760000

direct allocation

page read and write

7B4000

heap

page read and write

14178EF6000

heap

page read and write

238E000

direct allocation

page read and write

20CAA7E000

stack

page read and write

14179081000

heap

page read and write

14178FC5000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

38EB000

direct allocation

page read and write

7B4000

heap

page read and write

141770F2000

heap

page read and write

2319000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

20CAD7B000

stack

page read and write

23D59FF0000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EDF000

heap

page read and write

2720000

heap

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

14179052000

heap

page read and write

7B4000

heap

page read and write

8CEC87C000

stack

page read and write

14178FC5000

heap

page read and write

14178F11000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

5610000

direct allocation

page read and write

7B4000

heap

page read and write

1417B8DE000

heap

page read and write

141790AD000

heap

page read and write

141770B9000

heap

page read and write

2387000

direct allocation

page read and write

1417DAF0000

heap

page read and write

23D5B9E5000

heap

page read and write

14178FD4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

24DF000

direct allocation

page read and write

141770F1000

heap

page read and write

14177020000

heap

page read and write

3614000

direct allocation

page read and write

23D5B9D0000

trusted library allocation

page read and write

7B4000

heap

page read and write

23E1000

direct allocation

page read and write

14178F2C000

heap

page read and write

14178F12000

heap

page read and write

14179037000

heap

page read and write

23D5BBC0000

heap

page read and write

243A000

direct allocation

page read and write

14178F1A000

heap

page read and write

1417902F000

heap

page read and write

1417901B000

heap

page read and write

2584000

direct allocation

page read and write

1417B8DA000

heap

page read and write

7B4000

heap

page read and write

14179037000

heap

page read and write

14178F26000

heap

page read and write

14178F25000

heap

page read and write

D15000

heap

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

233DF7F0000

heap

page read and write

7B4000

heap

page read and write

25BF000

direct allocation

page read and write

141770C8000

heap

page read and write

14178EEA000

heap

page read and write

14178F21000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

3AEE000

stack

page read and write

234C000

direct allocation

page read and write

2378000

direct allocation

page read and write

7B4000

heap

page read and write

233DF6D7000

heap

page read and write

7B4000

heap

page read and write

93000

stack

page read and write

14178ECB000

heap

page read and write

25CD000

direct allocation

page read and write

24E6000

direct allocation

page read and write

255F000

direct allocation

page read and write

1417907B000

heap

page read and write

14179031000

heap

page read and write

7B4000

heap

page read and write

8CEC97E000

stack

page read and write

14178F22000

heap

page read and write

20CAC7F000

stack

page read and write

400000

unkown

page readonly

14178F15000

heap

page read and write

8CEC8FE000

stack

page read and write

20CAF7B000

stack

page read and write

987000

heap

page read and write

7B4000

heap

page read and write

14178F26000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F08000

heap

page read and write

8D0000

heap

page read and write

935000

heap

page read and write

14178F09000

heap

page read and write

7B4000

heap

page read and write

141770D2000

heap

page read and write

661D87F000

stack

page read and write

7B4000

heap

page read and write

38A4000

direct allocation

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

14178EDF000

heap

page read and write

14178F21000

heap

page read and write

14178F2A000

heap

page read and write

7B4000

heap

page read and write

14178F11000

heap

page read and write

14178F1D000

heap

page read and write

7B4000

heap

page read and write

4C4000

unkown

page readonly

35C0000

direct allocation

page read and write

141770B3000

heap

page read and write

23D5A046000

heap

page read and write

7B4000

heap

page read and write

14179035000

heap

page read and write

141770F9000

heap

page read and write

1417905D000

heap

page read and write

7B4000

heap

page read and write

14178F25000

heap

page read and write

4C2000

unkown

page write copy

7B4000

heap

page read and write

401000

unkown

page execute read

7B4000

heap

page read and write

3894000

direct allocation

page read and write

1417B100000

trusted library allocation

page read and write

7B4000

heap

page read and write

14178FB1000

heap

page read and write

18C000

stack

page read and write

7B4000

heap

page read and write

141770CB000

heap

page read and write

14178F1D000

heap

page read and write

661D6FE000

stack

page read and write

14177118000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F2A000

heap

page read and write

141790A5000

heap

page read and write

7B4000

heap

page read and write

1417B8B0000

heap

page read and write

913000

heap

page read and write

14178FFF000

heap

page read and write

1417903A000

heap

page read and write

141770E4000

heap

page read and write

7B4000

heap

page read and write

14178ED9000

heap

page read and write

3D81000

heap

page read and write

14178ED2000

heap

page read and write

14178FE4000

heap

page read and write

7B4000

heap

page read and write

14178EF1000

heap

page read and write

7B4000

heap

page read and write

14179044000

heap

page read and write

2549000

direct allocation

page read and write

7B4000

heap

page read and write

14178ED0000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

3875000

direct allocation

page read and write

400000

unkown

page readonly

7B4000

heap

page read and write

91C000

heap

page read and write

7B4000

heap

page read and write

1417B8D0000

heap

page read and write

14178F11000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F07000

heap

page read and write

14179007000

heap

page read and write

141770ED000

heap

page read and write

7B4000

heap

page read and write

2361000

direct allocation

page read and write

14178EFA000

heap

page read and write

7B4000

heap

page read and write

1417B880000

heap

page read and write

14178EF5000

heap

page read and write

14178F07000

heap

page read and write

7B4000

heap

page read and write

14178EDF000

heap

page read and write

7B4000

heap

page read and write

25B8000

direct allocation

page read and write

1417900F000

heap

page read and write

141770B4000

heap

page read and write

14178F21000

heap

page read and write

14178FFF000

heap

page read and write

141790A6000

heap

page read and write

7B4000

heap

page read and write

233DF6E4000

heap

page read and write

14178ECF000

heap

page read and write

1417B8CD000

heap

page read and write

241D000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

38F7000

direct allocation

page read and write

23D5A048000

heap

page read and write

3908000

direct allocation

page read and write

7B4000

heap

page read and write

1417903A000

heap

page read and write

1417DF60000

trusted library allocation

page read and write

7B4000

heap

page read and write

3896000

direct allocation

page read and write

2830000

direct allocation

page read and write

237F000

direct allocation

page read and write

14176E90000

heap

page read and write

14178F11000

heap

page read and write

35C0000

direct allocation

page read and write

23D5A029000

heap

page read and write

14178EF1000

heap

page read and write

4B7000

unkown

page write copy

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EE4000

heap

page read and write

141770CD000

heap

page read and write

1417B8B6000

heap

page read and write

14178F02000

heap

page read and write

4B9000

unkown

page read and write

23EA000

direct allocation

page read and write

1417903C000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14179088000

heap

page read and write

7B4000

heap

page read and write

14178F12000

heap

page read and write

974000

heap

page read and write

26F0000

direct allocation

page read and write

7B4000

heap

page read and write

233DF660000

heap

page read and write

8CEC9FE000

stack

page read and write

7B4000

heap

page read and write

141770C9000

heap

page read and write

7B4000

heap

page read and write

14178F26000

heap

page read and write

14178EFA000

heap

page read and write

7B4000

heap

page read and write

20CACFE000

stack

page read and write

14178F1D000

heap

page read and write

1417711E000

heap

page read and write

7B4000

heap

page read and write

14178EE4000

heap

page read and write

14178F21000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

141770E7000

heap

page read and write

23D5A04E000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

38AF000

direct allocation

page read and write

141770E9000

heap

page read and write

14178EDB000

heap

page read and write

14178ED6000

heap

page read and write

240F000

direct allocation

page read and write

661D3FE000

stack

page read and write

14178F18000

heap

page read and write

14178FF9000

heap

page read and write

141770B9000

heap

page read and write

14178F19000

heap

page read and write

2328000

direct allocation

page read and write

2910000

heap

page read and write

14178EFA000

heap

page read and write

14178F11000

heap

page read and write

23D59FF9000

heap

page read and write

7B4000

heap

page read and write

4C0000

unkown

page read and write

7B4000

heap

page read and write

1417E070000

heap

page read and write

141770ED000

heap

page read and write

14178FC7000

heap

page read and write

14178FE8000

heap

page read and write

14178F26000

heap

page read and write

20CAB7D000

stack

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B5000

heap

page read and write

14178F11000

heap

page read and write

24FC000

direct allocation

page read and write

3A73000

heap

page read and write

14178EF2000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EF2000

heap

page read and write

3627000

direct allocation

page read and write

2538000

direct allocation

page read and write

14178EFA000

heap

page read and write

1417B8B0000

heap

page read and write

141770E8000

heap

page read and write

7B4000

heap

page read and write

14178F25000

heap

page read and write

7B4000

heap

page read and write

14178FDC000

heap

page read and write

7B4000

heap

page read and write

3A70000

heap

page read and write

14178EDF000

heap

page read and write

1417B897000

heap

page read and write

14178F02000

heap

page read and write

233D000

direct allocation

page read and write

7B4000

heap

page read and write

3D80000

heap

page read and write

141770E9000

heap

page read and write

2433000

direct allocation

page read and write

7B4000

heap

page read and write

14178ED9000

heap

page read and write

500000

heap

page read and write

14178EF1000

heap

page read and write

14178EDA000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

1417901F000

heap

page read and write

14179093000

heap

page read and write

37AE000

stack

page read and write

7B4000

heap

page read and write

24C0000

direct allocation

page read and write

7B4000

heap

page read and write

14179042000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178FD4000

heap

page read and write

14178F2B000

heap

page read and write

7B4000

heap

page read and write

14177118000

heap

page read and write

7B4000

heap

page read and write

14178EE9000

heap

page read and write

141789E5000

heap

page read and write

1417B8C5000

heap

page read and write

7B4000

heap

page read and write

14178ED7000

heap

page read and write

141789E0000

heap

page read and write

360A000

direct allocation

page read and write

7B4000

heap

page read and write

14178EE8000

heap

page read and write

1417909D000

heap

page read and write

14178FF2000

heap

page read and write

2770000

heap

page read and write

14178F1C000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14179023000

heap

page read and write

919000

heap

page read and write

25D4000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F10000

heap

page read and write

14178EE4000

heap

page read and write

1417B8CB000

heap

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

141770FD000

heap

page read and write

7B4000

heap

page read and write

141770CF000

heap

page read and write

2310000

direct allocation

page read and write

7B4000

heap

page read and write

14178F15000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178FDC000

heap

page read and write

7B4000

heap

page read and write

232F000

direct allocation

page read and write

7B4000

heap

page read and write

14178F2B000

heap

page read and write

14178EFE000

heap

page read and write

14178EF1000

heap

page read and write

7B4000

heap

page read and write

2353000

direct allocation

page read and write

1417B8A5000

heap

page read and write

25F1000

direct allocation

page read and write

1417B8DC000

heap

page read and write

14178EC0000

heap

page read and write

14179094000

heap

page read and write

25EA000

direct allocation

page read and write

7B4000

heap

page read and write

23D59F30000

heap

page read and write

14178EEC000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

3BAB000

heap

page read and write

14178F15000

heap

page read and write

7B4000

heap

page read and write

2780000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

2424000

direct allocation

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

14178EF1000

heap

page read and write

7B4000

heap

page read and write

3602000

direct allocation

page read and write

401000

unkown

page execute read

14178F19000

heap

page read and write

520000

heap

page read and write

23D5BBC3000

heap

page read and write

7B4000

heap

page read and write

1417904F000

heap

page read and write

14178EF1000

heap

page read and write

14178EF1000

heap

page read and write

25C6000

direct allocation

page read and write

141770E6000

heap

page read and write

1417900B000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EFE000

heap

page read and write

14178F08000

heap

page read and write

14178F07000

heap

page read and write

14178F15000

heap

page read and write

2730000

direct allocation

page execute and read and write

7B4000

heap

page read and write

24D8000

direct allocation

page read and write

14178EF6000

heap

page read and write

23B8000

direct allocation

page read and write

1417907C000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

1417907C000

heap

page read and write

141770BE000

heap

page read and write

7B4000

heap

page read and write

23D59F80000

heap

page read and write

141789EE000

heap

page read and write

7B4000

heap

page read and write

25F8000

direct allocation

page read and write

1417903F000

heap

page read and write

14178F15000

heap

page read and write

141770B3000

heap

page read and write

281F000

direct allocation

page read and write

14178F0C000

heap

page read and write

1417900F000

heap

page read and write

7B4000

heap

page read and write

14178F20000

heap

page read and write

23D5B9EE000

heap

page read and write

14178FE0000

heap

page read and write

141789ED000

heap

page read and write

24D1000

direct allocation

page read and write

7B4000

heap

page read and write

141770AE000

heap

page read and write

720000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EF2000

heap

page read and write

91E000

heap

page read and write

14178EF2000

heap

page read and write

B60000

heap

page read and write

7B4000

heap

page read and write

2408000

direct allocation

page read and write

7B4000

heap

page read and write

141770C5000

heap

page read and write

14178910000

heap

page read and write

14178EDF000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F1E000

heap

page read and write

255C000

direct allocation

page read and write

141770E1000

heap

page read and write

24F4000

direct allocation

page read and write

7B4000

heap

page read and write

14178F0C000

heap

page read and write

1417909D000

heap

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

14178FCF000

heap

page read and write

23D5A026000

heap

page read and write

14178FDC000

heap

page read and write

527000

heap

page read and write

7B4000

heap

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

96A000

heap

page read and write

1417907B000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F2A000

heap

page read and write

7B4000

heap

page read and write

1417B8DB000

heap

page read and write

291A000

direct allocation

page read and write

7B4000

heap

page read and write

8D8000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

35D0000

direct allocation

page read and write

14178F07000

heap

page read and write

7B4000

heap

page read and write

14178F15000

heap

page read and write

7B4000

heap

page read and write

2416000

direct allocation

page read and write

141770D7000

heap

page read and write

14178EF1000

heap

page read and write

14178F02000

heap

page read and write

14178FF9000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

23D59F40000

heap

page read and write

14178F20000

heap

page read and write

35D0000

direct allocation

page read and write

14178F32000

heap

page read and write

20CABFE000

stack

page read and write

2345000

direct allocation

page read and write

6CE000

unkown

page read and write

14179064000

heap

page read and write

14178ED6000

heap

page read and write

14178EF1000

heap

page read and write

25E3000

direct allocation

page read and write

141770C1000

heap

page read and write

141770BB000

heap

page read and write

14178F19000

heap

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

141770C7000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14177031000

heap

page read and write

9B000

stack

page read and write

661D379000

stack

page read and write

7B4000

heap

page read and write

141770E5000

heap

page read and write

D19000

heap

page read and write

7B4000

heap

page read and write

242C000

direct allocation

page read and write

D10000

heap

page read and write

1417B8CB000

heap

page read and write

7B4000

heap

page read and write

14178FCF000

heap

page read and write

14178EF6000

heap

page read and write

7B4000

heap

page read and write

1417B8DD000

heap

page read and write

1417904B000

heap

page read and write

14178FCF000

heap

page read and write

1417B8DB000

heap

page read and write

23F1000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

3A70000

heap

page read and write

1417711E000

heap

page read and write

947000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178ED4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

520F000

stack

page read and write

7B4000

heap

page read and write

14178EE8000

heap

page read and write

2371000

direct allocation

page read and write

97D000

heap

page read and write

14178EC5000

heap

page read and write

14179021000

heap

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EFA000

heap

page read and write

141770C7000

heap

page read and write

7B4000

heap

page read and write

233DF945000

heap

page read and write

7B4000

heap

page read and write

1417B8CD000

heap

page read and write

7B4000

heap

page read and write

23D5A02A000

heap

page read and write

14178EF2000

heap

page read and write

1417904D000

heap

page read and write

7B4000

heap

page read and write

14179083000

heap

page read and write

233DF6D0000

heap

page read and write

14178EF8000

heap

page read and write

141770D3000

heap

page read and write

14178EDF000

heap

page read and write

7B4000

heap

page read and write

141770CE000

heap

page read and write

14178ECD000

heap

page read and write

7B4000

heap

page read and write

2783000

heap

page read and write

14178EF1000

heap

page read and write

7B4000

heap

page read and write

661D67E000

stack

page read and write

7B4000

heap

page read and write

14178F1D000

heap

page read and write

2441000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F21000

heap

page read and write

7B4000

heap

page read and write

995000

heap

page read and write

7B4000

heap

page read and write

4F0000

heap

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F08000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

1417B8AB000

heap

page read and write

14178ED2000

heap

page read and write

7B4000

heap

page read and write

14178F1D000

heap

page read and write

14179095000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EEC000

heap

page read and write

14179052000

heap

page read and write

7B4000

heap

page read and write

14178F21000

heap

page read and write

986000

heap

page read and write

14178F26000

heap

page read and write

3A70000

heap

page read and write

7B4000

heap

page read and write

14178F03000

heap

page read and write

23D5A021000

heap

page read and write

1417906A000

heap

page read and write

14176F70000

heap

page read and write

14177114000

heap

page read and write

1417B904000

heap

page read and write

14179093000

heap

page read and write

14179016000

heap

page read and write

1417D492000

trusted library allocation

page read and write

14178FF2000

heap

page read and write

24C9000

direct allocation

page read and write

14178F10000

heap

page read and write

2DC0000

trusted library allocation

page read and write

14178EFE000

heap

page read and write

7B4000

heap

page read and write

14178ED4000

heap

page read and write

1417B895000

heap

page read and write

14178EE8000

heap

page read and write

14178EF6000

heap

page read and write

7B4000

heap

page read and write

5310000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

2321000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

20CA7B8000

stack

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EC9000

heap

page read and write

14178FE2000

heap

page read and write

141770EA000

heap

page read and write

38ED000

direct allocation

page read and write

1417711E000

heap

page read and write

141770B9000

heap

page read and write

1417907B000

heap

page read and write

14178EE9000

heap

page read and write

4B7000

unkown

page read and write

2592000

direct allocation

page read and write

2544000

direct allocation

page read and write

14178F0C000

heap

page read and write

7B4000

heap

page read and write

14179088000

heap

page read and write

2448000

direct allocation

page read and write

1417900C000

heap

page read and write

14178EDF000

heap

page read and write

14179037000

heap

page read and write

6DD000

unkown

page read and write

7B4000

heap

page read and write

14178F11000

heap

page read and write

1417B899000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

2566000

direct allocation

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

14178FEA000

heap

page read and write

14178F26000

heap

page read and write

14178EF4000

heap

page read and write

7B4000

heap

page read and write

23A9000

direct allocation

page read and write

14178F12000

heap

page read and write

7B4000

heap

page read and write

14178ED7000

heap

page read and write

1417B8D8000

heap

page read and write

14179026000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

530F000

stack

page read and write

7B4000

heap

page read and write

1417B8DB000

heap

page read and write

6D6000

unkown

page read and write

7B4000

heap

page read and write

23F8000

direct allocation

page read and write

7B4000

heap

page read and write

14178F0C000

heap

page read and write

6D9000

unkown

page write copy

23D5DA20000

trusted library allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F26000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

14178F02000

heap

page read and write

7B4000

heap

page read and write

1417902D000

heap

page read and write

14178F0D000

heap

page read and write

6C7000

unkown

page write copy

14178F26000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178EF4000

heap

page read and write

7B4000

heap

page read and write

14178F07000

heap

page read and write

660000

heap

page read and write

141770D1000

heap

page read and write

7B4000

heap

page read and write

141770C1000

heap

page read and write

7B4000

heap

page read and write

14178F1A000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F21000

heap

page read and write

14179099000

heap

page read and write

14178F03000

heap

page read and write

14178EB0000

heap

page read and write

14178F19000

heap

page read and write

14178F1E000

heap

page read and write

14177118000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F1D000

heap

page read and write

14178FB8000

heap

page read and write

1417DF70000

heap

page readonly

7B4000

heap

page read and write

2368000

direct allocation

page read and write

7B4000

heap

page read and write

6C7000

unkown

page read and write

7B4000

heap

page read and write

14178EC8000

heap

page read and write

661D7FF000

stack

page read and write

6DE000

unkown

page readonly

23D1000

direct allocation

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

1417B890000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F37000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

1417B8A7000

heap

page read and write

7B4000

heap

page read and write

14178EE4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

7FE16000

direct allocation

page read and write

7B4000

heap

page read and write

141770B9000

heap

page read and write

1417909A000

heap

page read and write

24A0000

heap

page read and write

24ED000

direct allocation

page read and write

23D5BAF0000

heap

page read and write

7B4000

heap

page read and write

14178F32000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14178F19000

heap

page read and write

7B4000

heap

page read and write

7B4000

heap

page read and write

14179005000

heap

page read and write

14178FB0000

heap

page read and write

7B4000

heap

page read and write

14178913000

heap

page read and write

92C000

heap

page read and write

14178FF2000

heap

page read and write

258B000

direct allocation

page read and write

7B4000

heap

page read and write

6D1000

unkown

page read and write

233DF940000

heap

page read and write

141770FB000

heap

page read and write

1417B911000

heap

page read and write

4C6000

unkown

page readonly

7B4000

heap

page read and write

7B4000

heap

page read and write

There are 929 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
AssinadorSERPRO4.2.1.exe

Files

Processes

URLs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportAssinadorSERPRO4.2.1.exe

Files

Processes

URLs

Registry

Memdumps

IOC Report
AssinadorSERPRO4.2.1.exe