Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.00000000030C7000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://api.telegram.org |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.0000000003051000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2024453541.0000000003776000.00000004.00000800.00020000.00000000.sdmp, z34PDnVzyEItkXaInw.exe, 00000003.00000002.4445884257.0000000000402000.00000040.00000400.00020000.00000000.sdmp | String found in binary or memory: https://account.dyn.com/ |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2024453541.0000000003776000.00000004.00000800.00020000.00000000.sdmp, z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.0000000003051000.00000004.00000800.00020000.00000000.sdmp, z34PDnVzyEItkXaInw.exe, 00000003.00000002.4445884257.0000000000402000.00000040.00000400.00020000.00000000.sdmp | String found in binary or memory: https://api.ipify.org |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.0000000003051000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://api.ipify.org/ |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.0000000003051000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://api.ipify.org/t |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.00000000030C7000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://api.telegram.org |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2024453541.0000000003776000.00000004.00000800.00020000.00000000.sdmp, z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.0000000003051000.00000004.00000800.00020000.00000000.sdmp, z34PDnVzyEItkXaInw.exe, 00000003.00000002.4445884257.0000000000402000.00000040.00000400.00020000.00000000.sdmp | String found in binary or memory: https://api.telegram.org/bot6802803611:AAGpkOXh1yiUdrFGbg2d_rgtxPR9P8L5C4g/ |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4448567496.00000000030C7000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://api.telegram.org/bot6802803611:AAGpkOXh1yiUdrFGbg2d_rgtxPR9P8L5C4g/sendDocument |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_0086462C | 0_2_0086462C |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_04981E1C | 0_2_04981E1C |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_04980040 | 0_2_04980040 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_04981E10 | 0_2_04981E10 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_049829B1 | 0_2_049829B1 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_049809F0 | 0_2_049809F0 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_04980A00 | 0_2_04980A00 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073EAC00 | 0_2_073EAC00 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E4F10 | 0_2_073E4F10 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E5771 | 0_2_073E5771 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E9748 | 0_2_073E9748 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E6E28 | 0_2_073E6E28 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E6E22 | 0_2_073E6E22 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073EC5D0 | 0_2_073EC5D0 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E5348 | 0_2_073E5348 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073EABF1 | 0_2_073EABF1 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E7260 | 0_2_073E7260 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 0_2_073E7250 | 0_2_073E7250 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_0148C062 | 3_2_0148C062 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_0148E659 | 3_2_0148E659 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_01484A48 | 3_2_01484A48 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_01483E30 | 3_2_01483E30 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_01484178 | 3_2_01484178 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C0A448 | 3_2_06C0A448 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C0BD00 | 3_2_06C0BD00 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C26640 | 3_2_06C26640 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C255F8 | 3_2_06C255F8 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C2B288 | 3_2_06C2B288 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C230A8 | 3_2_06C230A8 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C2C1E8 | 3_2_06C2C1E8 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C27DD8 | 3_2_06C27DD8 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C276F8 | 3_2_06C276F8 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C2E410 | 3_2_06C2E410 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C22378 | 3_2_06C22378 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C20335 | 3_2_06C20335 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C20021 | 3_2_06C20021 |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Code function: 3_2_06C25D37 | 3_2_06C25D37 |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000000.1983682561.00000000000F4000.00000002.00000001.01000000.00000003.sdmp | Binary or memory string: OriginalFilenameDwHX.exe: vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2022935900.0000000002584000.00000004.00000800.00020000.00000000.sdmp | Binary or memory string: OriginalFilename12c080e2-c78d-49dc-ace2-ba2fdae2ada7.exe4 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2027530519.0000000006F80000.00000004.08000000.00040000.00000000.sdmp | Binary or memory string: OriginalFilenameSimpleLogin.dll8 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2021791989.00000000006EE000.00000004.00000020.00020000.00000000.sdmp | Binary or memory string: OriginalFilenameclr.dllT vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2022935900.00000000024B1000.00000004.00000800.00020000.00000000.sdmp | Binary or memory string: OriginalFilenameSimpleLogin.dll8 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2029749836.0000000008B20000.00000004.08000000.00040000.00000000.sdmp | Binary or memory string: OriginalFilenameTyrone.dll8 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2024453541.0000000003776000.00000004.00000800.00020000.00000000.sdmp | Binary or memory string: OriginalFilename12c080e2-c78d-49dc-ace2-ba2fdae2ada7.exe4 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000000.00000002.2024453541.0000000003776000.00000004.00000800.00020000.00000000.sdmp | Binary or memory string: OriginalFilenameTyrone.dll8 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4445884257.0000000000402000.00000040.00000400.00020000.00000000.sdmp | Binary or memory string: OriginalFilename12c080e2-c78d-49dc-ace2-ba2fdae2ada7.exe4 vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe, 00000003.00000002.4446148333.0000000000DE9000.00000004.00000010.00020000.00000000.sdmp | Binary or memory string: OriginalFilenameUNKNOWN_FILET vs z34PDnVzyEItkXaInw.exe |
Source: z34PDnVzyEItkXaInw.exe | Binary or memory string: OriginalFilenameDwHX.exe: vs z34PDnVzyEItkXaInw.exe |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, ekKu0.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, vKf1z6NvS.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, ZNAvlD7qmXc.cs | Cryptographic APIs: 'CreateDecryptor', 'TransformBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, U2doU2.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, BgffYko.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, HrTdA63.cs | Cryptographic APIs: 'CreateDecryptor' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, Vvp22TrBv9g.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, Vvp22TrBv9g.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, Vvp22TrBv9g.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.37768d8.11.raw.unpack, Vvp22TrBv9g.cs | Cryptographic APIs: 'TransformFinalBlock' |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: mscoree.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: apphelp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: version.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: vcruntime140_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: windows.storage.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: wldp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: cryptsp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rsaenh.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: cryptbase.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: dwrite.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: textshaping.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: windowscodecs.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: amsi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: msasn1.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: gpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: propsys.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: mscoree.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: version.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: vcruntime140_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ucrtbase_clr0400.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: windows.storage.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: wldp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: cryptsp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rsaenh.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: cryptbase.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: wbemcomn.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: amsi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rasapi32.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rasman.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rtutils.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: mswsock.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: winhttp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ondemandconnroutehelper.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: dhcpcsvc6.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: dhcpcsvc.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: winnsi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: rasadhlp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: secur32.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: schannel.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: mskeyprotect.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ntasn1.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ncrypt.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: ncryptsslp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: msasn1.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: gpapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: vaultcli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Section loaded: wintypes.dll | Jump to behavior |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, cYtiZBJgXLkO35auuN.cs | High entropy of concatenated method names: 'C3LeqrfV9k', 'bVaeg9qEr1', 'vC7epui8XJ', 'ge7eGpbty0', 'Wbve1jgYHU', 'LNfe78IZMf', 'EhqeZAKo5t', 'Y9FexfkmtY', 'Rg1eugTZm9', 'mhPetEMaFv' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, wlAAtxM9fb63NXI7lL.cs | High entropy of concatenated method names: 'QHMMLJtlax', 'dqiMXUJlXK', 'FybM9w0RCI', 'uZtMCvus0o', 'PrfMJmOYPB', 'tPSMeZDk6h', 'irEM5qPwxF', 'NZdMW3ZQjl', 'WXMMmvZex3', 'iBGMT0vcuD' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, u9Oe8ezqRJwdijhWn0.cs | High entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'REQj2yMtlp', 'GpajKpLaa1', 'CbYjUA9Q5W', 'siLjYv9u74', 'nWDjMSg70n', 'GXTjj1CEFv', 'DFOjAxEH9d' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, Yexvbtrr2xPO7n9lT7.cs | High entropy of concatenated method names: 'vpXp0MpAn', 'gCUGhySXs', 'SR2701UOh', 'GLwZpilxA', 'GDjuSEfkB', 'ghqtUhl6Z', 'FeIWPY5HqeImqugmDg', 'hBr0SBvKC5yeDedTjg', 'Mf0MgZAcq', 'Iq2ATEI4U' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, cL4MUQFjmLYsJlYopV.cs | High entropy of concatenated method names: 'y0fJEO8Sed', 'fB7JSIRfMU', 'AVZJbenjVN', 'ToString', 'wUGJhUKou7', 'X29JOMbYsF', 'gWJ2GH65oQOey25NjvX', 'fQpZkK6vQPsUT412brC' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, Vu7ncTtCFD0sjXamvP.cs | High entropy of concatenated method names: 'k0QjQ4hP3o', 'LHSjcIeYYW', 'F2AjkPsCWA', 'paxjLdaydp', 'VHKjXOVHlb', 'XAkjCpQkHd', 'nmJjJGeIRy', 'EaCMOMKpBG', 'QReM44nKtD', 'aSDM07mY79' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, CEXb4LWeDPdrDeSEcG.cs | High entropy of concatenated method names: 'cxcQePssDI', 'JbSQ5rJVOC', 'eq2QmnHifA', 'AIaQTmohvJ', 'DV0QKxjl0H', 'fi2QUdGxGQ', 'qaMR7FORKeMZdvyCPR', 'yIxCRLBebAseA1uKgq', 'G5NQQnQP4g', 'OAvQcPx0tY' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, g0O6mAVKXhCqDfmWqt.cs | High entropy of concatenated method names: 'oY4cyHuHNu', 'PC5cLID1Ia', 'SUucXvSpNn', 'TDjc9ti55P', 'rPncCQjGpx', 'bXecJXDgdm', 'XEnce5cjIZ', 'cbfc59M6cC', 'tUdcWX78Jj', 'peOcmvm8s1' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, orK5l3eTD4M4iRaAuN.cs | High entropy of concatenated method names: 'uM9Y4KGU3u', 'uFoYDDQjdJ', 'bJSMVdtHH0', 'BSqMQpyvnx', 'g7LYdQF9dr', 'bGdYPtnbVE', 'wWGYRWdLUk', 'FYuYlkByFv', 'XSbYB5dXDL', 'BqkYE8x07U' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, iqObE2fwstZoIGKRfd.cs | High entropy of concatenated method names: 'ECKeL1bgSo', 'bMOe9yjwIl', 'jxZeJhxT8O', 'KS0JDQ5wvQ', 'jCiJzKK6u2', 'o1IeV2JS8c', 'L06eQHVRa0', 'E7KeF39ISL', 'sTLecVkVy5', 'o74ekDwdZN' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, I8aDohIKoftP7xwepJ.cs | High entropy of concatenated method names: 'wQ4Xlrq0vE', 'QukXB03mgN', 'vT9XE9eSoJ', 'd4mXSlLO37', 'IBdXbJ2CWb', 'TocXhrDZMb', 'yAIXOJKPTW', 'ibnX4jPr6D', 'OeAX0mGIZc', 'ktpXDJjaLl' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, rlrY9Lq6lLelgmowto.cs | High entropy of concatenated method names: 'QvNMsy69Z3', 'LGJMoGOsYh', 'MvSMHUDLCN', 'MlLMNvp17X', 'JhWMl6D4ks', 'HjMManSTiR', 'Next', 'Next', 'Next', 'NextBytes' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, dE8QSW7TdyqJP7qqk69.cs | High entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'hqOAlh9okM', 'liLABOZyur', 'XCMAEx1fo0', 'S4PASCgrmn', 'v9AAbWhKKo', 'xA2Ahb5XxC', 'LxmAOhw6n6' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, J0DkVLbPDXLfEEDC9O.cs | High entropy of concatenated method names: 'Dispose', 'rilQ0iTsVF', 'RsrFo3anJ7', 'neq66J62m2', 'qmTQDK5BJy', 'UC0Qzgf4D0', 'ProcessDialogKey', 'YMFFVwqGmI', 'JvNFQDyBMI', 'wyTFFEGps0' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, moXCNNOY2BYrEanHOi.cs | High entropy of concatenated method names: 'zfUJyIWtUG', 'yqAJXCDO5G', 'EZ1JCvn5Y8', 'xG4Je0g8FB', 'DgDJ5IAEj3', 'kKHCbhsxtl', 'SgHChipDQy', 'HO3COq419P', 'mTdC4vnTw1', 'pZnC0taKJf' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, Twb64T79wCiVG8k9hDU.cs | High entropy of concatenated method names: 'CS8jqSuX9q', 'k4hjgdxL6o', 'THOjp6Lnnw', 'XAajGQFT5g', 'HxIj1QYLb9', 'RJHj74AVB9', 'AFOjZTb1ig', 'RVXjxnPpSN', 'JqZju0qFT1', 'jsmjthgafK' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, pGG49EBnx9JEmOKRxZ.cs | High entropy of concatenated method names: 'TZO2xZgh8o', 'b5t2uJ4CEe', 'qN42sBoSLN', 'Qrn2oaffxm', 'b8L2NxF3qE', 'RXD2aoPQUj', 'JN92fx4aUP', 'Lhs2iShGHP', 'IaF2wpUMGa', 'nZX2dkZPOm' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, pwBXFPmX3uaAj0XiEQ.cs | High entropy of concatenated method names: 'AsCC1gHfNd', 'vEhCZKIShu', 'Uf59HO3xdX', 'sHa9NZl4k4', 'POh9a4C8G1', 'aaw9nCBwIn', 'O8B9fb8C1d', 'wcl9itYihR', 'cqN9Im8hfZ', 'NLt9w8O0CQ' |
Source: 0.2.z34PDnVzyEItkXaInw.exe.3895d00.9.raw.unpack, JpIWHBNgRRoySP6j81.cs | High entropy of concatenated method names: 'Him9Gb4hJs', 'oPo97sP50J', 'x7D9xo5Bnm', 'RvM9uW9Y8t', 'ScQ9KYjZyQ', 'SOi9UcCFDO', 'rFM9YeHaC8', 'blg9MVfZdf', 'Aqk9jiT4Rv', 'iUZ9AARM6Q' |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 922337203685477 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 922337203685477 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 600000 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599875 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599656 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599546 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599426 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599312 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599202 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599093 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598984 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598875 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598651 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598543 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598404 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598296 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598187 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598077 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597968 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597857 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597748 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597640 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597531 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597421 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597310 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597202 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597093 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596984 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596874 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596656 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596546 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596437 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596328 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596218 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596109 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595999 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595889 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595780 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595671 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595562 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595452 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595343 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595234 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595125 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595015 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594906 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594796 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594687 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594578 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5008 | Thread sleep time: -922337203685477s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep count: 32 > 30 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -29514790517935264s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -600000s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5480 | Thread sleep count: 2126 > 30 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599875s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5480 | Thread sleep count: 7733 > 30 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599765s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599656s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599546s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599426s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599312s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599202s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -599093s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598984s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598875s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598765s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598651s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598543s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598404s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598296s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598187s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -598077s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597968s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597857s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597748s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597640s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597531s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597421s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597310s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597202s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -597093s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596984s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596874s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596765s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596656s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596546s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596437s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596328s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596218s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -596109s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595999s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595889s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595780s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595671s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595562s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595452s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595343s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595234s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595125s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -595015s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -594906s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -594796s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -594687s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe TID: 5564 | Thread sleep time: -594578s >= -30000s | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 922337203685477 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 922337203685477 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 600000 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599875 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599656 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599546 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599426 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599312 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599202 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 599093 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598984 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598875 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598651 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598543 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598404 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598296 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598187 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 598077 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597968 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597857 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597748 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597640 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597531 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597421 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597310 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597202 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 597093 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596984 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596874 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596765 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596656 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596546 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596437 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596328 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596218 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 596109 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595999 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595889 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595780 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595671 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595562 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595452 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595343 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595234 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595125 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 595015 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594906 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594796 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594687 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Thread delayed: delay time: 594578 | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\z34PDnVzyEItkXaInw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |