Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: http://.css |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: http://.jpg |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: http://html4/loose.dtd |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/GlobalizationInvariantMode |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/binaryformatter |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet-core-applaunch? |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet-illink/com |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet-illink/com) |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet-illink/nativehost |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet-warnings/ |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/app-launch-failed |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/app-launch-failedRequired: |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/download |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/download%s%sInstall |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/info |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/sdk-not-found |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/nativeaot-compatibility |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.9.3.jar |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://dl.google.com/android/repository/platform-tools-latest-windows.zip |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/7za.exe9Extract |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/Balatro-APK-Pat |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/balatro-base.ip |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/dotnet/runtime |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/love2d/love-android/releases/download/11.5a/love-11.5-android-embed.apk7love-11.5 |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/patrickfav/uber-apk-signer/releases/download/v1.3.0/uber-apk-signer-1.3.0.jar |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3292163811.000002E7C1D10000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://javadl.oracle.com/webapps/download/AutoDL?BundleId=249553_4d245f941845490c91360409ecffb3b4 |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://javadl.oracle.com/webapps/download/AutoDL?BundleId=249553_4d245f941845490c91360409ecffb3b4%j |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3292163811.000002E7C1D10000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.python.org/ftp/python/3.12.3/python-3.12.3-amd64.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://www.python.org/ftp/python/3.12.3/python-3.12.3-amd64.exe)python-installer.exe)Installing |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilename vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3296042280.00007FF735425000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilenamemscordaccore.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3296042280.00007FF735425000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilenamebalatro-mobile-maker.dllJ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291561128.000002A72CE20000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.ComponentModel.Primitives.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291561128.000002A72CE20000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.ComponentModel.TypeConverter.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291561128.000002A72CE20000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Console.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291805414.000002A72CF40000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Collections.Immutable.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291805414.000002A72CF40000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Collections.NonGeneric.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291805414.000002A72CF40000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Collections.Specialized.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291805414.000002A72CF40000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Collections.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291805414.000002A72CF40000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.ComponentModel.Primitives.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291491514.000002A72CDF0000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Diagnostics.DiagnosticSource.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291491514.000002A72CDF0000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Diagnostics.Process.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291986537.000002E7C1AC0000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenameSystem.Private.CoreLib.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe, 00000000.00000002.3291468145.000002A72CDD0000.00000002.00000001.00040000.00000003.sdmp |
Binary or memory string: OriginalFilenamebalatro-mobile-maker.dllJ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenamemscordaccore.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenamebalatro-mobile-maker.dllJ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameMicrosoft.Win32.Registry.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Collections.Concurrent.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Collections.Immutable.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Collections.NonGeneric.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Collections.Specialized.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Collections.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.ComponentModel.Primitives.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.ComponentModel.TypeConverter.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Console.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Diagnostics.DiagnosticSource.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Diagnostics.Process.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Diagnostics.StackTrace.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Formats.Asn1.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.IO.Compression.Brotli.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.IO.Compression.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.IO.MemoryMappedFiles.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Http.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.NameResolution.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.NetworkInformation.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Primitives.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Quic.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Requests.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Security.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.ServicePoint.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.Sockets.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.WebClient.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Net.WebHeaderCollection.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.ObjectModel.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Private.CoreLib.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Private.Uri.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Reflection.Metadata.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Runtime.Numerics.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Security.Claims.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Security.Cryptography.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Security.Principal.Windows.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.Threading.Channels.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Binary or memory string: OriginalFilenameSystem.dll@ vs SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: overflow:hidden;img src="http://addEventListenerresponsible for s.js"></script> |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: Morph - Structs/AddrExp |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: prejitIndirect call transformExpand patchpointsPre-importImportationProfile instrumentationProfile incorporationPost-importProfile instrumentation prepMorph - Add internal blocksAllocate ObjectsMorph - InitMorph - InliningMerge callfinally chainsClone finallyRemove empty tryRemove empty finallyMorph - Structs/AddrExpEarly livenessUpdate finally target flagsUpdate flow graph early passIdentify candidates for implicit byref copy omissionMorph - ByRefsPhysical promotionForward SubstitutionMorph - FinishGS CookieMorph - Promote StructsMorph - GlobalTail mergeMerge throw blocksCompute edge weights (1, false)Create EH funcletsOptimize control flowOptimize layoutInvert loopsPost-morph tail mergeRedundant zero InitsFind loopsCompute blocks reachabilitySet block weightsClear loop infoMorph array opsClone loopsUnroll loopsOptimize boolsFind oper orderHoist loop codeMark local varsSSA: topological sortSSA: Doms1Set block orderBuild SSA representationSSA: insert phisSSA: renameSSA: livenessSSA: DFOptimize index checksOptimize Valnum CSEsEarly Value PropagationDo value numberingRedundant branch optsAssertion propVN based copy propVN based intrinsic expansionUpdate flow graph opt passCompute edge weights (2, false)If conversionVN-based dead store removalExpand static initExpand TLS accessStress gtSplitTreeExpand runtime lookupsRationalize IRDo 'simple' loweringInsert GC PollsDetermine first cold blockPer block local var livenessGlobal local var livenessLocal var livenessLocal var liveness initCalculate stack level slotsLinear scan register allocLowering decompositionLowering nodeinfoLSRA resolvePlace 'align' instructionsLSRA build intervalsLSRA allocateEmit GC+EH tablesPost-EmitGenerate codeEmit code Compiled %d methods. |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: GC initialization failed with error 0x%08XVirtualAlloc2kernelbase.dllMapViewOfFile3string too longbad array new lengthApplication root path is empty. This shouldn't happenUsing internal fxrUsing internal hostpolicyPath containing probing policy and assemblies to probe for.<path>--additionalprobingpathPath to <application>.runtimeconfig.json file.--runtimeconfigPath to <application>.deps.json file.--depsfile--roll-forwardVersion of the installed Shared Framework to use to run the application.<version>--fx-versionPath to additional deps.json file.--additional-depsRoll forward to framework version (LatestPatch, Minor, LatestMinor, Major, LatestMajor, Disable)<value>sdk<obsolete><n>--roll-forward-on-no-candidate-fxUsing the provided arguments to determine the application to execute. %s %-*s %sFailed to parse supported options or their values:Parsed known arg %s = %sThe application to execute does not exist: '%s'dotnet exec needs a managed .dll or .exe extension. The application specified was '%s'Application '%s' does not exist.Application '%s' is not a managed executable.exec--- Executing in muxer mode...--- Executing in a native executable mode...--- Executing in split/FX mode... |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: %sNot foundhost-options: The path to an application .dll file to execute.path-to-application:Usage: dotnet [host-options] [path-to-application] -h|--help Displays this help.Common Options: --list-sdks Display the installed SDKs --list-runtimes Display the installed runtimesunordered_map/set too longinvalid string positionvector too long --info Display .NET information.invalid hash bucket count--- Invoked %s [version: %s]hostfxr_main_startupinfoInvalid startup info: host_path, dotnet_root, and app_path should not be null.A fatal error occurred while processing application bundlehostfxr_main_bundle_startupinfoget-native-search-directories.dev.json.jsonHosting components are already initialized. Re-initialization to execute an app is not allowed.Ignoring host interpreted additional probing path %s as it does not exist.|arch|/|tfm||arch|\|tfm|Runtime config is cfg=%s dev=%sSpecified runtimeconfig.json from [%s]App runtimeconfig.json from [%s]The specified runtimeconfig.json [%s] does not existIgnoring additional probing path %s as it does not exist..runtimeconfig.jsonDetecting mode... CoreCLR present in dotnet root [%s] and checking if [%s] file present=[%d].deps.jsonInvalid runtimeconfig.json [%s] [%s]DOTNET_ADDITIONAL_DEPSIt's invalid to use both '%s' and '%s' command line options.Invalid value for command line argument '%s'The specified deps.json [%s] does not existExecuting as a %s app as per config file [%s]self-containedframework-dependentHOSTFXR_PATH--list-runtimes--list-sdksUsing dotnet root path [%s]/?-?--help-hdotnet.dll The command could not be loaded, possibly because: |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: %sNot foundhost-options: The path to an application .dll file to execute.path-to-application:Usage: dotnet [host-options] [path-to-application] -h|--help Displays this help.Common Options: --list-sdks Display the installed SDKs --list-runtimes Display the installed runtimesunordered_map/set too longinvalid string positionvector too long --info Display .NET information.invalid hash bucket count--- Invoked %s [version: %s]hostfxr_main_startupinfoInvalid startup info: host_path, dotnet_root, and app_path should not be null.A fatal error occurred while processing application bundlehostfxr_main_bundle_startupinfoget-native-search-directories.dev.json.jsonHosting components are already initialized. Re-initialization to execute an app is not allowed.Ignoring host interpreted additional probing path %s as it does not exist.|arch|/|tfm||arch|\|tfm|Runtime config is cfg=%s dev=%sSpecified runtimeconfig.json from [%s]App runtimeconfig.json from [%s]The specified runtimeconfig.json [%s] does not existIgnoring additional probing path %s as it does not exist..runtimeconfig.jsonDetecting mode... CoreCLR present in dotnet root [%s] and checking if [%s] file present=[%d].deps.jsonInvalid runtimeconfig.json [%s] [%s]DOTNET_ADDITIONAL_DEPSIt's invalid to use both '%s' and '%s' command line options.Invalid value for command line argument '%s'The specified deps.json [%s] does not existExecuting as a %s app as per config file [%s]self-containedframework-dependentHOSTFXR_PATH--list-runtimes--list-sdksUsing dotnet root path [%s]/?-?--help-hdotnet.dll The command could not be loaded, possibly because: |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/app-launch-failed |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://aka.ms/dotnet/app-launch-failedRequired: |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://javadl.oracle.com/webapps/download/AutoDL?BundleId=249553_4d245f941845490c91360409ecffb3b4%java-installer.exe%Installing Java...+java-installer.exe /sUJava still not detected! Try to re-launch.Oexplorer https://www.java.com/download/-Checking for Python...-python --version 3>NUL |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://javadl.oracle.com/webapps/download/AutoDL?BundleId=249553_4d245f941845490c91360409ecffb3b4%java-installer.exe%Installing Java...+java-installer.exe /sUJava still not detected! Try to re-launch.Oexplorer https://www.java.com/download/-Checking for Python...-python --version 3>NUL |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://www.python.org/ftp/python/3.12.3/python-3.12.3-amd64.exe)python-installer.exe)Installing Python...7python-installer.exe /quiet |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: Python still not detected! Try to re-launch, or install Python manually from the Microsoft Store. |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: ccd platform-tools && cd platform-tools && adb push "%AppData%/Balatro/." /data/local/tmp/balatro/files/save/game && adb shell am force-stop com.unofficial.balatro && adb shell run-as com.unofficial.balatro cp -r /data/local/tmp/balatro/files . && adb shell rm -r /data/local/tmp/balatro && adb kill-servermWould you like to pull saves from your Android device? |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: cd platform-tools && cd platform-tools && adb pull /data/local/tmp/balatro/files/. %AppData%/Balatro/eAttempting to pull save files from Android device.7Deleting temporary files...-del java-installer.exe?del love-11.5-android-embed.apk3del Balatro-APK-Patch.zip |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: del 7za.exeSdel balatro-aligned-debugSigned.apk.idsig1del balatro-unsigned.apk-del platform-tools.zip1del python-installer.exe |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/7za.exe9Extracting platform-tools...S7za x platform-tools.zip -oplatform-tools |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/Balatro-APK-Patch.zip+Balatro-APK-Patch.zip |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: https://github.com/blake502/balatro-apk-maker/releases/download/Additional-Tools-1.0/balatro-base.ipa!balatro-base.ipa;An unexpected error occurred! |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: maxBufferSize!CheckTaskNotNull/LoadIntoBufferAsyncCore%HttpMessageHandlerSend |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: ,!requests-started!Requests Started+requests-started-rate+Requests Started Rate |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: usableCHTTP2 connection no longer usableUCreating new HTTP/1.1 connection for pool.1AddHttp11ConnectionAsyncQCreating new HTTP/2 connection for pool./AddHttp2ConnectionAsync |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
String found in binary or memory: (?)-AddressChangedCallback |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG |
Source: SecuriteInfo.com.Trojan.MSIL.Rozena.9214.20581.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT |