Source: mkcert.exe, 00000000.00000002.45465693897.0000000006542000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: mkcert.exe, 00000000.00000002.45465693897.0000000006542000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: mkcert.exe, 00000000.00000002.45470383068.00000000091C0000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com/ |
Source: mkcert.exe, 00000000.00000002.45470383068.00000000091C0000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en |
Source: mkcert.exe, 00000000.00000002.45465693897.0000000006542000.00000004.00000020.00020000.00000000.sdmp, 77EC63BDA74BD0D0E0426DC8F80085060.0.dr |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab |
Source: mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?d8b920fd93066 |
Source: mkcert.exe, 00000000.00000002.45470383068.00000000091C0000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com:80/msdownload/update/v3/static/trustedr/en/authrootstl.cab?d8b920fd93 |
Source: mkcert.exe, 00000000.00000002.45462514529.0000000004177000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/ |
Source: mkcert.exe, 00000000.00000002.45459917591.0000000003101000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/wsdl/ |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: mkcert.exe, 00000000.00000002.45471004196.0000000009281000.00000004.00000020.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45465693897.0000000006542000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.quovadis.bm0 |
Source: mkcert.exe, 00000000.00000002.45462514529.0000000004177000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: mkcert.exe, 00000000.00000002.45462514529.0000000004177000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: mkcert.exe, 00000000.00000002.45462514529.0000000004177000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: mkcert.exe, 00000000.00000002.45462514529.0000000004177000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: mkcert.exe, 00000000.00000002.45471004196.0000000009281000.00000004.00000020.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45465693897.0000000006542000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://ocsp.quovadisoffshore.com0 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_016B8580 |
0_2_016B8580 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_016BECB8 |
0_2_016BECB8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_016B5B60 |
0_2_016B5B60 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_016B8580 |
0_2_016B8580 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AC3C00 |
0_2_07AC3C00 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AC3C10 |
0_2_07AC3C10 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AEEE72 |
0_2_07AEEE72 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AED868 |
0_2_07AED868 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AE15A9 |
0_2_07AE15A9 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AE15B8 |
0_2_07AE15B8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF4098 |
0_2_07AF4098 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF6FA8 |
0_2_07AF6FA8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF07C8 |
0_2_07AF07C8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF4E38 |
0_2_07AF4E38 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF84A8 |
0_2_07AF84A8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF5CC0 |
0_2_07AF5CC0 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF5388 |
0_2_07AF5388 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF7AA8 |
0_2_07AF7AA8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF9A68 |
0_2_07AF9A68 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF9240 |
0_2_07AF9240 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07AF1000 |
0_2_07AF1000 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B877D8 |
0_2_07B877D8 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B8E738 |
0_2_07B8E738 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B8DF48 |
0_2_07B8DF48 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B8A612 |
0_2_07B8A612 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B89335 |
0_2_07B89335 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B87B70 |
0_2_07B87B70 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B88900 |
0_2_07B88900 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B88D04 |
0_2_07B88D04 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B88CFB |
0_2_07B88CFB |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B8F1F0 |
0_2_07B8F1F0 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B888F1 |
0_2_07B888F1 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07B90040 |
0_2_07B90040 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07ACD580 |
0_2_07ACD580 |
Source: C:\Users\user\Desktop\mkcert.exe |
Code function: 0_2_07ACCE21 |
0_2_07ACCE21 |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: mscoree.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: msisip.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: wshext.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: appxsip.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: opcservices.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: urlmon.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: xmllite.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: secur32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: amsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: propsys.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: wininet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: kdscli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: certca.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: certpkicmdlet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ncrypt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: certenroll.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dsparse.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ntasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ncryptprov.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ngcksp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: pcpksp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: tbs.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: scksp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: credui.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: winscard.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: devobj.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dssenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: basecsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: winsta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: cryptnet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: winnsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: webio.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Section loaded: cabinet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: Remove-NetEventVmNetworkAdapter |
Source: mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: FMSFT_NetEventVmNetworkAdatper.cdxml |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: Add-NetEventVmNetworkAdapter |
Source: mkcert.exe, 00000000.00000002.45470831762.0000000009259000.00000004.00000020.00020000.00000000.sdmp, mkcert.exe, 00000000.00000002.45471004196.00000000092AE000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Hyper-V RAW |
Source: mkcert.exe, 00000000.00000002.45470831762.0000000009267000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Hyper-V RAWen-USn |
Source: mkcert.exe, 00000000.00000002.45458850665.0000000001451000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: VMSFT_NetEventVmNetworkAdatper.format.ps1xml |
Source: mkcert.exe, 00000000.00000002.45459917591.000000000325B000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: Get-NetEventVmNetworkAdapter |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Users\user\Desktop\mkcert.exe VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WSMan.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\ VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.746.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.19041.1.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.CertificateServices.PKIClient.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.CertificateServices.PKIClient.Cmdlets.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.CertificateServices.PKIClient.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.CertificateServices.PKIClient.Cmdlets.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\mkcert.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.CertificateServices.PKIClient.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.CertificateServices.PKIClient.Cmdlets.dll VolumeInformation |
Jump to behavior |