Source: rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://fontello.com |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://fontello.comCopyright |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLInterExtraLightOpen |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLInterLightOpen |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLInterMediumOpen |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLInterSemiBoldOpen |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLInterThinOpen |
Source: rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLOpen |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://Mozilla/5.0Failed |
Source: rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://api.github.com/repos/Prax-Client/Releases/releases/latest |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://api.playhive.com/v0/game/all/ |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://api.playhive.com/v0/game/all/GetHiveStats: |
Source: rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://cdn.discordapp.com/attachments/1157861980611297410/1163279643168747570/F6_T6MXXoAAH6os.jpg?e |
Source: rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/alt-svc.html |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/hsts.html |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://curl.se/docs/http-cookies.html |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://github.com/JetBrains/JetBrainsMono)JetBrains |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://github.com/Prax-Client/Releases/raw/main/banner |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://github.com/Prax-Client/Releases/raw/main/bannerstart_screenhud_screentextures/ui/titletextur |
Source: rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://github.com/Prax-Client/Releases/raw/main/fardreverb.wav |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://github.com/Prax-Client/Releases/raw/main/killsound.wav |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://github.com/Prax-Client/Releases/raw/main/killsound.wavCreated |
Source: rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://github.com/rsms/inter)Inter |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://github.com/rsms/inter)InterBold3.019;RSMS;Inter-BoldInter |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://peoplehub-public.xboxlive.com/people/gt( |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://peoplehub-public.xboxlive.com/people/gt(Rtn: |
Source: rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://rsms.me/This |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://scripts.sil.org/OFLhttps://scripts.sil.org/OFL |
Source: loaddll64.exe, 00000000.00000002.3788294623.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp, loaddll64.exe, 00000000.00000003.1347874541.000001C442900000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.1348219113.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.3788253297.00007FFBA9464000.00000004.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.jetbrains.comhttps://www.jetbrains.comThis |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://yiffing.zone/sounds/click.wav |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://yiffing.zone/sounds/click.wavhttps://yiffing.zone/sounds/notify_off.wavhttps://yiffing.zone/ |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://yiffing.zone/sounds/notify_off.wav |
Source: loaddll64.exe, 00000000.00000003.1347113703.000001C440D90000.00000004.00001000.00020000.00000000.sdmp, loaddll64.exe, 00000000.00000002.3788249388.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000002.3788213687.00007FFBA93E4000.00000002.00000001.01000000.00000003.sdmp, rundll32.exe, 00000004.00000003.1347485334.000001B6B6570000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: https://yiffing.zone/sounds/notify_on.wav |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: apphelp.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: d3d11.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: d2d1.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: wininet.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: d3dcompiler_47.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: dxgi.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: cryptsp.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: secur32.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: sspicli.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: iphlpapi.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: kernel.appcore.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: xaudio2_9.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: mmdevapi.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: avrt.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: devobj.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: audioses.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: powrprof.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: umpdc.dll |
Source: C:\Windows\System32\loaddll64.exe | Section loaded: resourcepolicyclient.dll |