Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140004620 GetFileAttributesW,SetLastError,FindFirstFileW,FindClose,CompareFileTime, |
0_2_0000000140004620 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140003E88 FindFirstFileW,lstrcmpW,lstrcmpW,SetFileAttributesW,DeleteFileW,FindNextFileW,FindClose,SetFileAttributesW,RemoveDirectoryW,??3@YAXPEAX@Z,??3@YAXPEAX@Z, |
0_2_0000000140003E88 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: EasyVBO.exe.0.dr |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://ocsp.digicert.com0 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://ocsp.digicert.com0A |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://ocsp.digicert.com0C |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://ocsp.digicert.com0X |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CE000.00000004.00000020.00020000.00000000.sdmp, EasyVBO.exe.0.dr |
String found in binary or memory: http://www.digicert.com/CPS0 |
Source: EasyVBO.exe.0.dr |
String found in binary or memory: http://www.easyas.co.zaBYour |
Source: EasyVBO.exe.0.dr |
String found in binary or memory: https://www.easyas.co.za/downloads/7zEasyVBO.exef |
Source: EasyVBO.exe.0.dr |
String found in binary or memory: https://www.google.com/ |
Source: EasyVBO.exe.0.dr |
String found in binary or memory: https://www.winsms.co.za/api/credits.ASP?User= |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014001BE60 |
0_2_000000014001BE60 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014001AB78 |
0_2_000000014001AB78 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140007FA4 |
0_2_0000000140007FA4 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140016C30 |
0_2_0000000140016C30 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140006C60 |
0_2_0000000140006C60 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000DC90 |
0_2_000000014000DC90 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140022CA0 |
0_2_0000000140022CA0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000ECB0 |
0_2_000000014000ECB0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_00000001400108C0 |
0_2_00000001400108C0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140022940 |
0_2_0000000140022940 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000E940 |
0_2_000000014000E940 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140014190 |
0_2_0000000140014190 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000E1A0 |
0_2_000000014000E1A0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140013230 |
0_2_0000000140013230 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000DA50 |
0_2_000000014000DA50 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000F6E0 |
0_2_000000014000F6E0 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140021B8C |
0_2_0000000140021B8C |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140022F94 |
0_2_0000000140022F94 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140022BB1 |
0_2_0000000140022BB1 |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Binary or memory string: OriginalFilename vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1689291681.0000000000858000.00000004.00001000.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameEasyVBO.exe vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000000.1632439150.0000000140031000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilename7ZSfxMod_x64.exeD vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1681407885.00000000023B0000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: OriginalFilename7ZSfxMod_x64.exeD vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe, 00000000.00000003.1688185626.00000000048CB000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameEasyVBO.exe vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Binary or memory string: OriginalFilename7ZSfxMod_x64.exeD vs SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_000000014000CE2C GetDlgItem,SendMessageW,GetDlgItem,SetWindowTextW,GetDlgItem,GetWindowLongPtrW,GetDlgItem,SetWindowLongPtrW,GetSystemMenu,EnableMenuItem,GetDlgItem,SetFocus,SetTimer,CoCreateInstance,GetDlgItem,IsWindow,GetDlgItem,EnableWindow,GetDlgItem,ShowWindow, |
0_2_000000014000CE2C |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(daily.Profit) as TotalPR1 from daily WHERE (CODSale = False or (CODSale = True and CODPAID = True)) and RetailLevel = 1; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT supplierinvoices.date_c, supplierinvoices.SUPPLIER, supplierinvoices.INVNO, supplierinvoices.INVTOTAL, supplierinvoices.UnitCostExcl, supplierinvoices.PLUTOTALExcl, supplierinvoices.USER, supplierinvoices.PLU, supplierinvoices.Barcode, supplierinvoices.DESCRIPTION, supplierinvoices.QTY FROM supplierinvoices WHERE supplierinvoices.INVNO = 'DVBO-frmSupInvLoaded-txtDesc_Change2' and DESCRIPTION like '%N%' order by supplierinvoices.lineorder;&%' AND Supplier = 'T' and InvTotal < 0 and DESCRIPTION like '%&dd-MMM-yyyy : HH:MM:VBO-frmSupInvLoaded-ListItems |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select sales.date_c as tDate, Null as lTotal, Sum(sales.QTY) as sTotal from sales where Date_c Between '^' Group by format(sales.date_c, 'dd-MMM-yyyy'); |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Sum(daily.PLUTOTAL) AS TOTALACC from daily where RefNum <> '2' AND AccountSale = True; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Rentals.InvNo, Sum(Rentals.VAT) AS TotalVAT, Sum(Rentals.Discount) AS TotalDisc From Rentals where InvNo = 0 GROUP BY Rentals.InvNo; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(sales.PLUTOTAL) as TotalR2 from sales WHERE Date_c Between ',' and RetailLevel = 2; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(daily.PLUTOTAL) as TotalR1 from daily WHERE (CODSale = False or (CODSale = True and CODPAID = True)) and RetailLevel = 1; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(daily.PLUTOTAL) as TotalR2 from daily WHERE (CODSale = False or (CODSale = True and CODPAID = True)) and RetailLevel = 2; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select sales.PLU, Null as lTotal, Sum(sales.QTY) as sTotal from sales where PLU = '*' Group by sales.PLU;@Select * from stock where PLU =' |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT orders.date_c, orders.DATELASTSOLD, orders.LASTRETAIL, orders.NUMBER, orders.PLU, orders.DESCRIPTION, orders.QTY, orders.ORDERED, orders.COSTEX, orders.Supplier, orders.LinkedToOther, stock.PLU, stock.SOH, stock.REORDER from orders,stock WHERE orders.PLU=stock.PLU AND `%' ORDER BY orders.Supplier, orders.Description; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select suppliers.Supplier from suppliers group by suppliers.Supplier order by suppliers.Supplier;0] STOCK SUPPLIERS REPORT |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.plu, sum(sales.PLUTOTAL) as TotalPettyIn from sales where Company = '*' group by sales.plu; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.Selected, sales.PLU, sales.Description, sum(sales.Qty) AS TotalQty, recipes.LinkPLU from sales, recipes where Company = 'DfrmSalesHistory-PrintRecipeItemsPP*' GROUP BY sales.PLU; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT count(1) as RecCount, sales.InvNo from sales Where Date_c Between '.' Group By sales.InvNo;0VBO-mdiMain-ConnectAgain6VBO-mdiMain-cboServer_Click&mdiMain-CheckUpdate |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.category, sum(sales.PLUTOTAL) as TotalSurcharges from sales where Company = '4' group by sales.category; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select sales.date_c, Sum(sales.QTY) as sTotal from sales where PLU = '0' Group by sales.date_c; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select date_format(sales.Date_c, '%m-%Y') as tDate, Sum(sales.PLUTOTAL) as MonthlyTotal, Sum(sales.PROFIT) as Profit from sales where Company = '\' Group by DATE_FORMAT(sales.Date_c, '%m-%Y');&Account sales only? |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.PLU, sales.Description, sum(sales.Qty) AS TotalQty, recipes.LinkPLU from sales, recipes where Company = 'l' and recipes.LinkPLU = sales.PLU and Date_c Between 'n' GROUP BY sales.PLU,sales.DESCRIPTION,recipes.LINKPLU; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT daily.LineOrder, daily.InvNo, Sum(daily.VAT) AS TotalVAT, Sum(daily.Discount) AS TotalDisc from daily where InvNo = t GROUP BY daily.LineOrder, daily.InvNo order by LineOrder; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT daily.CustID, daily.Name, Sum(daily.PLUTotal) AS Total from daily where Company = 'n' and CashedUp = 0 and AccountSale = 1 AND Terminal = 'z' GROUP BY daily.CustID, daily.Name order by daily.Name Desc;2Account Receipts Summary: |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(daily.PROFIT) as TotalPR2 from daily WHERE (CODSale = False or (CODSale = True and CODPAID = True)) and RetailLevel = 2; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT SUM(sales.PLUTotalCost) as PLUTOTALCOST from sales where Company = '~SELECT SUM(sales.profit) as PROFIT from sales where Company = '^SELECT sales.InvNo from sales where Company = '0' Group By sales.InvNo; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT -Sum(sales.InvTotal) as TTotal from sales where Company = ',') GROUP BY sales.VAT; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.Invno, sales.InvTotalCost from sales WHERE Date_c Between 'V' Group By sales.InvNo, sales.InvTotalCost; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Sum(sales.Profit) as Profit, Sum(sales.PLUTotal) AS Total from sales where Company = ',' And AccountSale = 1;6Please enter email address: |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.Category, Sum(sales.PLUTotal) AS PLUTotal from sales where Date_c Between '4' GROUP BY sales.Category; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT daily.driver, Sum(daily.CommValue) as Comm from daily where Company = '0' GROUP BY daily.driver; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.InvNo, Sum(sales.VAT) AS TotalVAT, Sum(sales.Discount) AS TotalDisc from sales where InvNo = , GROUP BY sales.InvNo;DSelect * from daily WHERE InvNo = |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.PLU, sales.Description, Sum(sales.QTY) AS Qty, Sum(sales.PLUTotal) As PLUTotal, Sum(sales.Profit) as Profit from sales where Company = 'd' Group by description order by sales.Description;4SALES TOTALS FOR PERIOD : |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT supplierinvoices.date_c, supplierinvoices.InvNo, supplierinvoices.SUPPLIER, supplierinvoices.SUPID, supplierinvoices.INVTOTAL, supplierinvoices.USER From supplierinvoices where Date_c Between 'L' order by supplierinvoices.lineorder;\select * from supplierinvoices where InvNo = '$' and Supplier = 'NWould you like to print barcode labels?(mnuPrintSupInv_ClickF' and supplierinvoices.Supplier = '(' ORDER BY LineOrder6] SUPPLIER INVOICE LOADED: |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Sum(daily.PROFIT) AS PROFIT from daily WHERE (CODSale = False or (CODSale = True and CODPAID = True)) and PLU <> '"' AND REFNUM <> '4' And AccountSale = False;lblTotalCashuplblSurchargeslblDiscountslblBasketmnuUser2lblPaymentslblToBanklblTotalNoVAT |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT users.PicCode, users.UserName, users.UserType, users.FullName from users GROUP BY users.PicCode, users.UserName, users.UserType, users.FullName ORDER BY users.UserName; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT supplierinvoices.INVNO, supplierinvoices.INVTOTAL From supplierinvoices where Date_c = 'x' Group by supplierinvoices.INVNO,supplierinvoices.INVTOTAL; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sum(daily.DISCAMT) as TotalDisc from daily where Company = 'j' and (CODSale = 0 or (CODSale = 1 and CODPAID = 1)); |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Sum(sales.PLUTOTAL) AS TOTALACC from sales where Date_c Between 'P' and AccountSale = True and RefNum <> ',' and RetailLevel = 1; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select stockdept.Department from stockdept group by stockdept.Department order by stockdept.Department;4] STOCK DEPARTMENTS REPORT8Stock Suppliers Report PrintVC:\eZ-Az!\Export\Stock Suppliers Report.csv |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT count(1) as RecCount, daily.InvNo from daily where (daily.CODSale = 0 or (daily.CODSale = 1 and daily.CODPAID = 1)) Group by daily.InvNo; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Quotations.InvNo, Sum(Quotations.VAT) AS TotalVAT from quotations where InvNo = 6 GROUP BY Quotations.InvNo;FSelect * from daily where InvNo = & order by LineOrder&Customer : **CASH** |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT Sum(daily.Profit) as Profit, Sum(daily.PLUTotal) AS Total from daily WHERE PLU <> '2' And AccountSale = True; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.AllocatedTo, Sum(sales.PLUTOTAL) AS Total, (Sum(sales.PLUTOTAL) / R) as TotalEx from sales where Company = 'T' and not isnull(AllocatedTo) and PLU <> ':' GROUP BY sales.AllocatedTo;>frmSalesHistory-cmdDetail_Click |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.LineOrder, sales.InvNo, Sum(sales.VAT) AS TotalVAT, Sum(sales.Discount) AS TotalDisc from sales where InvNo = t GROUP BY sales.LineOrder, sales.InvNo order by LineOrder;(Reprinted invoice : |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.plu, sum(sales.PLUTOTAL) as TotalPettyOut from sales where Company = ',') group by sales.plu; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select supplierinvoices.date_c, Sum(supplierinvoices.QTY) as lTotal, Null as sTotal from supplierinvoices where PLU = 'F' Group by supplierinvoices.Date_c;<There are no records to print!>Item Totals Loaded/Sold History |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT stocksnap.PLU, stocksnap.Description, stocksnap.Department, stocksnap.Category, stocksnap.Supplier, stocksnap.SOH, stocksnap.QtySold, stocksnap.Loaded, stocksnap.TotalCostEx, stocksnap.TotalRetail from stocksnap where AtCashup = 1 and SnapDate Between 'p' Group By stocksnap.plu order by stocksnap.description;HfrmSalesHistory-PrintDailySalesSOHPP |
Source: EasyVBO.exe.0.dr |
Binary or memory string: Select supplierinvoices.PLU, Sum(supplierinvoices.QTY) as lTotal, Null as sTotal from supplierinvoices where PLU = '@' Group by supplierinvoices.PLU; |
Source: EasyVBO.exe.0.dr |
Binary or memory string: SELECT sales.Selected, sales.PLU, sales.Description, sales.AccountSale, sales.Refnum, sales.Name, sales.Contact, sales.IDNo, sales.VatNo, Sum(sales.QTY) AS Qty, Sum(sales.PLUTotal) As PLUTotal, Sum(sales.Profit) as Profit from sales where Company = 'd' Group by description order by sales.date_c desc;HfrmSalesHistory-PrintSalesDetailSlip |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: textshaping.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: explorerframe.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: propsys.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: edputil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: urlmon.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: windows.staterepositoryps.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: appresolver.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: bcp47langs.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: slc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: sppc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: onecorecommonproxystub.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Section loaded: onecoreuapcommonproxystub.dll |
Jump to behavior |
Source: C:\Windows\System32\cmd.exe |
Section loaded: cmdext.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140004620 GetFileAttributesW,SetLastError,FindFirstFileW,FindClose,CompareFileTime, |
0_2_0000000140004620 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140003E88 FindFirstFileW,lstrcmpW,lstrcmpW,SetFileAttributesW,DeleteFileW,FindNextFileW,FindClose,SetFileAttributesW,RemoveDirectoryW,??3@YAXPEAX@Z,??3@YAXPEAX@Z, |
0_2_0000000140003E88 |
Source: C:\Users\user\Desktop\SecuriteInfo.com.HEUR.Trojan.Win32.DelShad.vho.25230.12529.exe |
Code function: 0_2_0000000140007FA4 ?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z,GetVersionExW,GetCommandLineW,lstrlenW,wsprintfW,_wtol,GetModuleFileNameW,_wtol,??2@YAPEAX_K@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,wsprintfW,_wtol,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,GetCommandLineW,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,GetCurrentProcess,SetProcessWorkingSetSize,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,CoInitialize,lstrlenW,memcpy,_wtol,??3@YAXPEAX@Z,??3@YAXPEAX@Z,GetKeyState,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,GetFileAttributesW,??3@YAXPEAX@Z,??3@YAXPEAX@Z,_wtol,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,SetLastError,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,SetCurrentDirectoryW,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,??3@YAXPEAX@Z,MessageBoxA, |
0_2_0000000140007FA4 |