Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0J |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://ocsp.digicert.com0A |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://ocsp.digicert.com0C |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://ocsp.digicert.com0H |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://ocsp.digicert.com0I |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://ocsp.digicert.com0X |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://tj2.sj |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://tj2.sjhfrj.com&&&X-HM-Time:X-HM-Credential:Content-Type:application/jsoncitycountry_code |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://tj2.sjhfrj.com/software/346 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://tj2.sjhfrj.com/software/346DownloadUrlInstallDownloadTypetrueIsCheckNetIsEnableAppSensors.dow |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe, 00000000.00000002.2868959775.0000000001320000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://tj2.sjhfrj.com/software/346full.dll |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://www.digicert.com/CPS0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: https://curl.haxx.se/docs/http-cookies.html |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: https://curl.haxx.se/docs/http-cookies.html# |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: https://tj.nnxieli.com/sa?project=my_project |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: https://tj.nnxieli.com/sa?project=my_projecthttps://tj.nnxieli.com/sa?project=pc |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe, palmtranslator.downloader_HDSConfigure.ini.0.dr |
String found in binary or memory: https://tj.nnxieli.com/sa?project=pc |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe, 00000000.00000002.2868959775.0000000001328000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://tj.nnxieli.com/sa?project=pcata |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe, 00000000.00000002.2868959775.0000000001328000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://tj.nnxieli.com/sa?project=pcrive |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009A7730 GetKeyState,GetKeyState,GetKeyState,GetKeyState,GetKeyState,GetKeyState, |
0_2_009A7730 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009A9F40 GetKeyState,GetKeyState,GetKeyState,GetKeyState,GetKeyState,GetKeyState,GetTickCount,_wcsstr,GetKeyState, |
0_2_009A9F40 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 009564B0 appears 57 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00956940 appears 36 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00956610 appears 44 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00956720 appears 40 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00A45E80 appears 37 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00A45DD4 appears 67 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00A423A4 appears 59 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: String function: 00A6C07E appears 51 times |
|
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0099F790 GetDiskFreeSpaceExW,GetLocalTime,GetLastError,GetCurrentThreadId,GetCurrentProcessId, |
0_2_0099F790 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0096F1E0 CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,Process32NextW,lstrcmpW,lstrcmpW,Process32NextW,CloseHandle, |
0_2_0096F1E0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0099BD60 CoCreateInstance,GetLocalTime,GetCurrentThreadId,GetCurrentProcessId,GetLocalTime,GetCurrentThreadId,GetCurrentProcessId,CoFreeUnusedLibraries, |
0_2_0099BD60 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009B85C0 GetWindowLongW,SetWindowLongW,GetClientRect,SetWindowPos,FindResourceW,LoadResource,FreeResource,SizeofResource,LockResource,FreeResource,MessageBoxW,ExitProcess, |
0_2_009B85C0 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
String found in binary or memory: MonTueWedThuFriSatSunMondayTuesdayWednesdayThursdayFridaySaturdaySundayJanFebMarAprMayJunJulAugSepOctNovDec%31[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz]%02d:%02d:%02d%02d:%02d0123456789LoadLibraryExA\/AddDllDirectory%d.%d.%d.%dschannel: SSL/TLS connection with %s port %hu (step 1/3) |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: urlmon.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: winmm.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: wtsapi32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: netapi32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: iertutil.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: srvcli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: netutils.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: samcli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: version.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: sxs.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: dwmapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: msimg32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: ieframe.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: userenv.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: winhttp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: wkscli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: ws2help.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: windowscodecs.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: secur32.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: sspicli.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: windows.storage.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: wldp.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: uxtheme.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: propsys.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: profapi.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: textinputframework.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: coreuicomponents.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: coremessaging.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: ntmarta.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: wintypes.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: iconcodecservice.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: winsta.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: samlib.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Section loaded: textshaping.dll |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Raw size of .text is bigger than: 0x100000 < 0x147600 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Raw size of .rsrc is bigger than: 0x100000 < 0x23ce00 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A22560 GetModuleHandleA,GetProcAddress,_strpbrk,LoadLibraryA,GetProcAddress,LoadLibraryExA,GetSystemDirectoryA,GetSystemDirectoryA,LoadLibraryA, |
0_2_00A22560 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00958470 GetModuleFileNameW,PathStripPathW,PathRemoveFileSpecW,PathFileExistsW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileIntW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW,GetPrivateProfileStringW, |
0_2_00958470 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009723B0 PathRelativePathToW,GetPrivateProfileStringW, |
0_2_009723B0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009847A0 GetPrivateProfileStringA, |
0_2_009847A0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0099E890 PathFileExistsW,GetPrivateProfileStringW, |
0_2_0099E890 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009A7790 IsIconic,ScreenToClient,SendMessageW,SendMessageW,IsRectEmpty,IsIconic,GetTickCount,SendMessageW,_TrackMouseEvent,GetTickCount,SendMessageW,SetFocus,GetTickCount,SetFocus,GetTickCount,ReleaseCapture,GetTickCount,SetFocus,GetTickCount,ScreenToClient,GetTickCount,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,GetWindowRect,IsIconic,GetActiveWindow,PtInRect,SendMessageW,ScreenToClient,SendMessageW,GetTickCount,CreateWindowExW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetClientRect,SaveDC,GetWindow,GetWindowRect,MapWindowPoints,SetWindowOrgEx,SendMessageW,GetWindow,RestoreDC, |
0_2_009A7790 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009B8A80 IsIconic, |
0_2_009B8A80 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009B8D90 IsIconic,GetWindowRect,CreateRoundRectRgn,SetWindowRgn,DeleteObject, |
0_2_009B8D90 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_009B7560 GetWindowRect,GetParent,GetWindow,MonitorFromWindow,GetMonitorInfoW,IsIconic,GetWindowRect,SetWindowPos, |
0_2_009B7560 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0095F090 GetLocalTime followed by cmp: cmp byte ptr [edi+000000e8h], bl and CTI: jne 0095F928h |
0_2_0095F090 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A0D950 GetLocalTime followed by cmp: cmp eax, 1eh and CTI: ja 00A0F90Eh |
0_2_00A0D950 |
Source: SecuriteInfo.com.FileRepPup.24194.30525.exe, 00000000.00000002.2868959775.0000000001328000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A4646E IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
0_2_00A4646E |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_0096DCE0 SetUnhandledExceptionFilter,ReleaseMutex,CloseHandle, |
0_2_0096DCE0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A5D6C1 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
0_2_00A5D6C1 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A459C7 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
0_2_00A459C7 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA, |
0_2_00984CF0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: GetLocaleInfoW, |
0_2_00A77580 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A4D54C GetVersionExW,Concurrency::details::platform::InitializeSystemFunctionPointers,Concurrency::details::WinRT::Initialize,__CxxThrowException@8, |
0_2_00A4D54C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.FileRepPup.24194.30525.exe |
Code function: 0_2_00A57DD4 Concurrency::details::SchedulerBase::GetInternalContext,Concurrency::details::WorkItem::ResolveToken,Concurrency::details::WorkItem::BindTo,Concurrency::details::SchedulerBase::ReleaseInternalContext,Concurrency::details::SchedulerBase::GetInternalContext, |
0_2_00A57DD4 |