| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 0141F7A1h |
3_2_0141F502 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then mov dword ptr [ebp-14h], 00000000h |
3_2_0141EA08 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9CC61h |
3_2_05A9C9B8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A91C31h |
3_2_05A91980 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9FC29h |
3_2_05A9F980 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A92658h |
3_2_05A92586 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A92091h |
3_2_05A91DE0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9F7D1h |
3_2_05A9F528 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A917D1h |
3_2_05A91520 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9C3B1h |
3_2_05A9C108 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9C809h |
3_2_05A9C560 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A91371h |
3_2_05A910C0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9F379h |
3_2_05A9F0D0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9EAC9h |
3_2_05A9E820 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A90F11h |
3_2_05A90C60 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9EF21h |
3_2_05A9EC78 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9021Dh |
3_2_05A90040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A90BA7h |
3_2_05A90040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9E671h |
3_2_05A9E3C8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9DDC1h |
3_2_05A9DB18 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9E219h |
3_2_05A9DF70 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9D969h |
3_2_05A9D6C0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9D0B9h |
3_2_05A9CE10 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A9D511h |
3_2_05A9D268 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 05A92658h |
3_2_05A92240 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD8D95h |
3_2_06BD8A58 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD6169h |
3_2_06BD5EC0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD88A9h |
3_2_06BD8600 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD5D11h |
3_2_06BD5A68 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD6E71h |
3_2_06BD6BC8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD65C1h |
3_2_06BD6318 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD6A19h |
3_2_06BD6770 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD774Ah |
3_2_06BD74A0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD0741h |
3_2_06BD0498 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD7BA1h |
3_2_06BD78F8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD0B99h |
3_2_06BD08F0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD72C9h |
3_2_06BD7020 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then lea esp, dword ptr [ebp-04h] |
3_2_06BD3808 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then lea esp, dword ptr [ebp-04h] |
3_2_06BD3803 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD02E9h |
3_2_06BD0040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD8451h |
3_2_06BD81A8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD1449h |
3_2_06BD11A0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD5891h |
3_2_06BD55E8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD7FF9h |
3_2_06BD7D50 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 4x nop then jmp 06BD0FF1h |
3_2_06BD0D48 |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.org |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.org |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.org |
| Source: global traffic |
HTTP traffic detected: GET /xml/102.129.152.231 HTTP/1.1Host: reallyfreegeoip.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET /_send_.php?TS HTTP/1.1Host: scratchdreams.tkConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.org |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.org |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.org |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR1.0.3705;)Host: checkip.dyndns.orgConnection: Keep-Alive |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FAA000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030A2000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003059000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000303D000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000304B000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003093000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://checkip.dyndns.com |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FAA000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030A2000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003059000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002F98000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000303D000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000304B000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003074000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003093000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://checkip.dyndns.org |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002EE1000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://checkip.dyndns.org/ |
| Source: 58208 Teklif.exe, 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: http://checkip.dyndns.org/q |
| Source: 58208 Teklif.exe |
String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q |
| Source: 58208 Teklif.exe |
String found in binary or memory: http://crl.comodoca.com/COMODORSACodeSigningCA.crl0t |
| Source: 58208 Teklif.exe |
String found in binary or memory: http://ocsp.comodoca.com0 |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030A2000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003059000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000303D000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000304B000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003093000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://reallyfreegeoip.org |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002EE1000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030B0000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://scratchdreams.tk |
| Source: 58208 Teklif.exe |
String found in binary or memory: http://tempuri.org/DataSet1.xsdCEscolha |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FAA000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030A2000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003059000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000303D000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000304B000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003093000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://reallyfreegeoip.org |
| Source: 58208 Teklif.exe, 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FAA000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://reallyfreegeoip.org/xml/ |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://reallyfreegeoip.org/xml/102.129.152.231 |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030A2000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003059000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002FED000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000303D000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.000000000304B000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003093000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000003066000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://reallyfreegeoip.org/xml/102.129.152.231$ |
| Source: 58208 Teklif.exe, 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030B0000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3769706051.0000000002EE1000.00000004.00000800.00020000.00000000.sdmp, 58208 Teklif.exe, 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://scratchdreams.tk |
| Source: 58208 Teklif.exe, 00000003.00000002.3769706051.00000000030B0000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://scratchdreams.tk/_send_.php?TS |
| Source: 58208 Teklif.exe |
String found in binary or memory: https://www.chiark.greenend.org.uk/~sgtatham/putty/0 |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: Detects Encrial credential stealer malware Author: Florian Roth |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: Detects executables with potential process hoocking Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects Encrial credential stealer malware Author: Florian Roth |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects executables with potential process hoocking Author: ditekSHen |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: Detects Encrial credential stealer malware Author: Florian Roth |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: Detects executables with potential process hoocking Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects executables with potential process hoocking Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects executables with potential process hoocking Author: ditekSHen |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7436, type: MEMORYSTR |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7436, type: MEMORYSTR |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7580, type: MEMORYSTR |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 Author: unknown |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7580, type: MEMORYSTR |
Matched rule: Detects Snake Keylogger Author: ditekSHen |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_0155DE0C |
0_2_0155DE0C |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07790040 |
0_2_07790040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07799E58 |
0_2_07799E58 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07795590 |
0_2_07795590 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07795588 |
0_2_07795588 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07792C48 |
0_2_07792C48 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07792C38 |
0_2_07792C38 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_077934B8 |
0_2_077934B8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07794CB8 |
0_2_07794CB8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_077934A8 |
0_2_077934A8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07790007 |
0_2_07790007 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07793080 |
0_2_07793080 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141617D |
3_2_0141617D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141C1F0 |
3_2_0141C1F0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141B388 |
3_2_0141B388 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141C4D0 |
3_2_0141C4D0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141C7B2 |
3_2_0141C7B2 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_014168E0 |
3_2_014168E0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_01414B31 |
3_2_01414B31 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141CA92 |
3_2_0141CA92 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141BC32 |
3_2_0141BC32 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141BF10 |
3_2_0141BF10 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_014191D0 |
3_2_014191D0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141305E |
3_2_0141305E |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141223D |
3_2_0141223D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141B552 |
3_2_0141B552 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141F502 |
3_2_0141F502 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_014135CA |
3_2_014135CA |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141EA08 |
3_2_0141EA08 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_0141EA0D |
3_2_0141EA0D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A989B0 |
3_2_05A989B0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A94490 |
3_2_05A94490 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A990DD |
3_2_05A990DD |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9C9B8 |
3_2_05A9C9B8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A91980 |
3_2_05A91980 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9F980 |
3_2_05A9F980 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A91DE0 |
3_2_05A91DE0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A91DD0 |
3_2_05A91DD0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9F528 |
3_2_05A9F528 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A91520 |
3_2_05A91520 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9C108 |
3_2_05A9C108 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9C560 |
3_2_05A9C560 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A94480 |
3_2_05A94480 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A910C0 |
3_2_05A910C0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9F0D0 |
3_2_05A9F0D0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9E820 |
3_2_05A9E820 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A98008 |
3_2_05A98008 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9800D |
3_2_05A9800D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A90C60 |
3_2_05A90C60 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9EC78 |
3_2_05A9EC78 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A90040 |
3_2_05A90040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A90045 |
3_2_05A90045 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A90C50 |
3_2_05A90C50 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A98790 |
3_2_05A98790 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9E3C8 |
3_2_05A9E3C8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9DB18 |
3_2_05A9DB18 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9DF70 |
3_2_05A9DF70 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9D6C0 |
3_2_05A9D6C0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9CE10 |
3_2_05A9CE10 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9D268 |
3_2_05A9D268 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDAEA8 |
3_2_06BDAEA8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDDAC0 |
3_2_06BDDAC0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDCE28 |
3_2_06BDCE28 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD8A58 |
3_2_06BD8A58 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDC7D8 |
3_2_06BDC7D8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDBB38 |
3_2_06BDBB38 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD908D |
3_2_06BD908D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDB4F0 |
3_2_06BDB4F0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDD478 |
3_2_06BDD478 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDA858 |
3_2_06BDA858 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDC188 |
3_2_06BDC188 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD15F8 |
3_2_06BD15F8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDAE98 |
3_2_06BDAE98 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD5EC0 |
3_2_06BD5EC0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDCE18 |
3_2_06BDCE18 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD8600 |
3_2_06BD8600 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD5A68 |
3_2_06BD5A68 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD8A5D |
3_2_06BD8A5D |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD5A58 |
3_2_06BD5A58 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD3B80 |
3_2_06BD3B80 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD6BC8 |
3_2_06BD6BC8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDC7CA |
3_2_06BDC7CA |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDBB27 |
3_2_06BDBB27 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD6318 |
3_2_06BD6318 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD6770 |
3_2_06BD6770 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD74A0 |
3_2_06BD74A0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD0498 |
3_2_06BD0498 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD4880 |
3_2_06BD4880 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD78F8 |
3_2_06BD78F8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD08F0 |
3_2_06BD08F0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD78EF |
3_2_06BD78EF |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD08E7 |
3_2_06BD08E7 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD0037 |
3_2_06BD0037 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD7020 |
3_2_06BD7020 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD3808 |
3_2_06BD3808 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD3803 |
3_2_06BD3803 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDD468 |
3_2_06BDD468 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD0040 |
3_2_06BD0040 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD81A8 |
3_2_06BD81A8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD11A0 |
3_2_06BD11A0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD55E8 |
3_2_06BD55E8 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD55D9 |
3_2_06BD55D9 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD2D05 |
3_2_06BD2D05 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDC178 |
3_2_06BDC178 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD7D50 |
3_2_06BD7D50 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD0D48 |
3_2_06BD0D48 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BF3570 |
3_2_06BF3570 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFDEA0 |
3_2_06BFDEA0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFDE9B |
3_2_06BFDE9B |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFBFEC |
3_2_06BFBFEC |
| Source: 58208 Teklif.exe, 00000000.00000002.1319232533.000000000320C000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenamelfwhUWZlmFnGhDYPudAJ.exeX vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenamelfwhUWZlmFnGhDYPudAJ.exeX vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameTyrone.dll8 vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000000.00000000.1304898513.0000000000DCA000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilenameuVJY.exe, vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000000.00000002.1322453048.0000000007D40000.00000004.08000000.00040000.00000000.sdmp |
Binary or memory string: OriginalFilenameTyrone.dll8 vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000000.00000002.1317484204.00000000012DE000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameclr.dllT vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000003.00000002.3765108626.0000000000DA7000.00000004.00000010.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameUNKNOWN_FILET vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe, 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenamelfwhUWZlmFnGhDYPudAJ.exeX vs 58208 Teklif.exe |
| Source: 58208 Teklif.exe |
Binary or memory string: OriginalFilenameuVJY.exe, vs 58208 Teklif.exe |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: dwrite.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: msasn1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: gpapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: mscoree.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rasapi32.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rasman.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rtutils.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: mswsock.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: winhttp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: winnsi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: secur32.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: schannel.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: mskeyprotect.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ntasn1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ncrypt.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: ncryptsslp.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: msasn1.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: gpapi.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Section loaded: dpapi.dll |
Jump to behavior |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 3.2.58208 Teklif.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.58208 Teklif.exe.447bf00.8.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.58208 Teklif.exe.447bf00.8.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.58208 Teklif.exe.445b6e0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 00000003.00000002.3764622818.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 00000000.00000002.1320427811.000000000438E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7436, type: MEMORYSTR |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7436, type: MEMORYSTR |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7580, type: MEMORYSTR |
Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: Process Memory Space: 58208 Teklif.exe PID: 7580, type: MEMORYSTR |
Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_0155F0E8 push esp; iretd |
0_2_0155F0E9 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_01555DCA pushad ; iretd |
0_2_01555DD9 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 0_2_07792533 pushad ; retf |
0_2_07792534 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_01419770 push esp; ret |
3_2_01419771 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_05A9CE01 push ds; retn 0006h |
3_2_05A9CE02 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD3675 push es; iretd |
3_2_06BD367C |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BDF759 push es; ret |
3_2_06BDF888 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD2471 pushad ; retn 0006h |
3_2_06BD2472 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD9045 push es; ret |
3_2_06BD904C |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BD29AE push FFFFFF8Bh; ret |
3_2_06BD29B0 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFC561 pushad ; ret |
3_2_06BFC562 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BF62FB push ss; ret |
3_2_06BF6302 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFACBB push ebp; ret |
3_2_06BFAF12 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFAAA9 push ecx; ret |
3_2_06BFAAAA |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFAADB push ecx; ret |
3_2_06BFAAE2 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFAAD9 push ecx; ret |
3_2_06BFAADA |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFAB98 push ebx; ret |
3_2_06BFAB9A |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFA918 push eax; ret |
3_2_06BFA91A |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BFA97F push ecx; ret |
3_2_06BFA992 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BF7081 push ds; ret |
3_2_06BF7082 |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BF70C8 push ds; ret |
3_2_06BF70CA |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Code function: 3_2_06BF7133 push ds; ret |
3_2_06BF713A |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, ov3UajLBVQs6ILc8yA.cs |
High entropy of concatenated method names: 'EditValue', 'GetEditStyle', 'i0JnWyw5xe', 'MOxnJGogIN', 'xZFnz14FVB', 'oZQP4VsIre', 'SMaPbKk73w', 'bMlPnyjxBX', 'lxoPPcdbic', 'c6CLgUPAx8m36WCR7w8' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, YG1e6VBcKiUT8HVni8.cs |
High entropy of concatenated method names: 'j6iMnrrXo', 'p8ds4yImq', 'md4Tavpur', 'G20iSVZgT', 'aahFPi9UW', 'CiECtA727', 'tUybNKNfTqdYoZ0tr2', 'MajRD6hbDtFIGdx9f0', 'nmkR6t3Zo', 'Vt3Ko8yQC' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, nYsJLGMJdGqdNxcgdO.cs |
High entropy of concatenated method names: 'oZfPIEUDZm', 'AbEPpw7T7s', 'YquP6A5eoQ', 'FxdPdpMnpU', 'zR4Pw3nAjS', 'ly9PkUs6tT', 'fOUP1VFniU', 'IXdPgIxxc1', 'tLLPlLldYK', 'zESPQW0bKW' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, y8PW6obPExJQorPGBu.cs |
High entropy of concatenated method names: 'PUv1peWQM3', 'ub41douQnv', 'Ida1kaGgVt', 'SIokJxddqo', 'TE8kzuUthS', 'LAV149d5sa', 'zVR1bWanxW', 'YAa1nQJA0V', 'sMJ1PSH4B3', 'pTe1V24RKv' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, FA8yIwaG2xHBjFO0PN.cs |
High entropy of concatenated method names: 'Fc4RptwFhS', 'EVeR6UM9dl', 'lubRdrtiZe', 'wbCRwOgFgv', 'PRgRkHXP7O', 'L6hR1IQEB6', 'eB3Rgpd9P4', 'qhPRlHixdi', 'S4VRQK0INL', 'VgpRt0DtLp' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, SfKvfedl6YqdMaJJcO.cs |
High entropy of concatenated method names: 'nnk6ogfMHI', 'WZI6SYuk2O', 'Aay6LotdmM', 'Lwo6qKRoVU', 'fRI6rQrFyJ', 'ASX6YJvp0C', 'GQa6NDXtmw', 'JqQ691veVc', 'AbF6WkBRpW', 'jr06JsKhRu' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, Mbac2TE9ygslISwFbl.cs |
High entropy of concatenated method names: 'zTgRx5wWxo', 'xoiRuWHeOO', 'PC8Rm8EAhJ', 'B6DRabpI8L', 'niDRolSpvh', 'a35RAGoSbP', 'Next', 'Next', 'Next', 'NextBytes' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, Nkn6l0K9M4ISy88b1R.cs |
High entropy of concatenated method names: 're0dsqsuDH', 'XDIdTY5Jj5', 'hY8dekdd4V', 'QnBdFxerfv', 'agMd5cRdaU', 'nrxdhHsXBB', 'yI4dfZn2nB', 'JCDdRNs8mu', 'cvCdjBIYxS', 'pI0dKCocR3' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, mXyo9lc8mMDVspYqnf.cs |
High entropy of concatenated method names: 'IGIf90u4nf', 'ExBfJeX3uM', 'DNyR4dJT2X', 'mgURbnNDK3', 'CCRfHahUry', 'jcjf7DgH0d', 'bHBfDsixjo', 'TDYfov7js9', 'LxMfSha9HS', 'YxIfL0IDco' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, B7MMIpTyXcBbeAMFnb.cs |
High entropy of concatenated method names: 'Dispose', 'FQ4bWhVLQf', 'o8nnu9SeZV', 'RC388QtlOR', 'YPxbJoOXfX', 'WOmbzPxvcR', 'ProcessDialogKey', 'WSOn48lJPN', 'mNNnb0uFtA', 'YS2nnCABuy' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, oWVvW42EmpKy9BSgWw.cs |
High entropy of concatenated method names: 'NdLce7BXFC', 'e0ccFG8oVR', 'gFicx0QBGB', 'a51cuM9OqG', 'MOCcajCCFG', 'ppscACJM34', 'JqIc26OlCA', 'K53cBAuR6K', 'wCVcO9SIUg', 'XLfcH1AifM' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, HvXS97UUa7qseCLu3gf.cs |
High entropy of concatenated method names: 'ToString', 'EviKPn2vUo', 'NCmKVogdD4', 'aaOKIVTQ7p', 'yOsKpDSybS', 'aNsK6rbikR', 'SqqKdFojKR', 'ekOKwmwUGa', 'uXZ9jgAmpRMMPRXwgKT', 'DJtlJLAUmkqHGEHRhG7' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, f3RHjcWfG0nFOPiZ5P.cs |
High entropy of concatenated method names: 'COKkIT7oB8', 'Somk6cWpNR', 'N97kwiIM3D', 'JmVk1JeW9a', 'WXdkg9ycc0', 'ge9wrGwvOM', 'aLSwYOuNWe', 'DEDwN7rkdg', 'Euww9vBYiR', 'JB8wWf9G31' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, ymY9i55puh8sJQy4lC.cs |
High entropy of concatenated method names: 'ugJfQ0bPMi', 'EUjftHC6ip', 'ToString', 'IHJfpr47EV', 'iuMf67hnUK', 'TjufdN0xe3', 'uF9fw4EONe', 'vwxfkdoTyn', 'vXuf152u6Q', 'ngMfg8J3RA' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, HKBtH9zLyWSY3PprRP.cs |
High entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'bSdjcJXCiF', 'AO9j5EJ63N', 'IkojhWT6CJ', 'wq5jfnXkoA', 'Q8KjRe9Mdm', 'AQ7jjQhF9i', 'fDFjKN8UpI' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, ocgNYIURVbTtgbjxB1R.cs |
High entropy of concatenated method names: 'IgOjUNYiVq', 'yiVjvWC42y', 'DNRjMwUZOR', 'srCjsyafAM', 'Ct8jZkArYX', 'rbHjTmPcUq', 'VgJjiPtaIT', 'XbBjePbQib', 'PahjFcdvR0', 'xdIjCOQ9pm' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, wVhD8CnnV4UcccbIW4.cs |
High entropy of concatenated method names: 'aIg1USDgx9', 'jV91vi8o23', 'Qkm1MIg4hd', 'rXJ1sWCCTs', 'M8R1ZypAkO', 'DOC1TM8m8d', 'uZj1ihrlQY', 'Bk91elqMVa', 'AZG1FSQU8L', 'x2c1CC7Ogo' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, aKoppcmWP2f8yAjY4l.cs |
High entropy of concatenated method names: 'fvfb1l7DpV', 'M8ibg0htUB', 'rVkbQxCgMi', 'MuybtMDkhM', 'ibbb5bMPHc', 'JrJbhVuZyN', 'WW1EHm7UrPxacBnLNj', 'u9OcAsoqmsDcU6Wgyu', 'TKAbbgfhvH', 'GupbPnXaUB' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, WXPo1s6SZUfJWf3Ztw.cs |
High entropy of concatenated method names: 'fEswZqw6gn', 'KH4wi0cn65', 'fXJdmY30BN', 't3Bda0ERhb', 'RuodAb6oNk', 'deAd3Na0RH', 'iAed2Kwm3c', 'QRddBFGGbQ', 'qVcdE6IV2T', 'UTVdOCRbN1' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, MK85Z0STNaOnKwpaOT.cs |
High entropy of concatenated method names: 'Enu5OCG8LK', 'GbQ57jpTW1', 'ujZ5oXg8dR', 'fer5S5WeBm', 'G5r5ua7vgk', 'UXZ5mplZnW', 'RXN5aOlFWK', 'OHt5AQFC9N', 'yjI53V0jKY', 'Oiu52CAMKh' |
| Source: 0.2.58208 Teklif.exe.7d40000.11.raw.unpack, JgWfdKAVBhtTy2KMZT.cs |
High entropy of concatenated method names: 'hN4jby8yLc', 'RhfjPQutD5', 'YgBjVCXnxK', 'I9Zjpvm4DR', 'lY5j6C4Jgp', 'ylMjwkVS9A', 'hNTjkaeNYd', 'zFvRNU0TDr', 'K6bR9CpeoW', 'wUmRW6x0ud' |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 600000 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599874 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599765 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599656 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599546 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599437 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599328 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599218 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599109 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599000 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598890 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598781 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598671 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598543 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598422 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598312 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598194 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597965 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597624 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597405 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597296 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597187 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596968 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596625 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596406 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596295 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596172 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596062 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595952 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595625 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595406 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595296 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595187 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594968 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594859 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594749 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594640 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594531 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7440 |
Thread sleep time: -30000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7456 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -24903104499507879s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -600000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7700 |
Thread sleep count: 1541 > 30 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599874s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599765s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7700 |
Thread sleep count: 8311 > 30 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599656s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599546s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599437s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599328s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599109s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -599000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598890s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598781s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598671s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598543s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598422s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598312s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598194s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -598078s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597965s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597843s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597734s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597624s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597515s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597405s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597296s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597187s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -597078s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596843s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596734s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596625s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596515s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596406s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596295s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596172s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -596062s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595952s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595843s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595734s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595625s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595515s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595406s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595296s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595187s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -595078s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -594968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -594859s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -594749s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -594640s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe TID: 7696 |
Thread sleep time: -594531s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 30000 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 600000 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599874 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599765 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599656 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599546 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599437 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599328 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599218 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599109 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 599000 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598890 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598781 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598671 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598543 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598422 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598312 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598194 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 598078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597965 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597624 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597405 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597296 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597187 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 597078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596968 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596625 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596406 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596295 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596172 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 596062 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595952 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595843 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595734 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595625 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595515 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595406 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595296 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595187 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 595078 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594968 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594859 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594749 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594640 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Thread delayed: delay time: 594531 |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Users\user\Desktop\58208 Teklif.exe VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Users\user\Desktop\58208 Teklif.exe VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Jump to behavior |
| Source: C:\Users\user\Desktop\58208 Teklif.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Jump to behavior |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet