Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0# |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0# |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0# |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://ocsp.comodoca.com0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://ocsp.sectigo.com0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.carterandcone.coml |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673595275.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673690345.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671594449.0000000002EF7000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673404574.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/? |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/frere-user.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers8 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers? |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designersG |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671555330.0000000002EF7000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673517650.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673473687.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673595275.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1673690345.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designersh |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/jp/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fonts.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666212503.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn/bThe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn/cThe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666141866.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666082767.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666212503.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cnl |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666141866.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666082767.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1666212503.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cnt |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.galapagosdesign.com/DPlease |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.goodfont.co.kr |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1668867021.0000000002EC4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1668867021.0000000002EC4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp//ta |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/4 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/6 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/7 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/9 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/://w |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1668867021.0000000002EC4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/W |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/Y0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/Y0tr |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/j |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/jp/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/jp/9 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/of |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1670920120.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1669578089.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671497734.0000000002ECD000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1671776140.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/x |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1676399480.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.monotype. |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1676399480.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1676519881.0000000002EF8000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.monotype.4 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sajatypeworks.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1659304789.0000000002EF5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658918288.0000000002EF5000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1659190883.0000000002EF5000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www.sajatypeworks.com/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sakkal.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sandoll.co.kr |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.tiro.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.typography.netD |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.urwpp.deDPlease |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2923930855.00000000043F2000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.zhongyicts.com.cn |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exe. |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exe7x |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exe? |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exea |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeha |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/ftl/FoneTool_free.exes |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/configinfo/ft.dat |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/configinfo/ft.dat) |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/configinfo/ft.dat)FoneTool.TitleBar.SaleButtonInNotLi |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/setups/FoneTool_free.exe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/setups/MBackupper_setup.exe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: http://www2.aomeisoftware.com/download/mbackup/setups/MBackupper_setup.exehttp://www2.aomeisoftware. |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://a.aomeisoftware.com/api/v2/soft/collect |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://a.aomeisoftware.com/api/v2/soft/collectp |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://b.aomeisoftware.com/api/v2/soft/collect |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://curl.haxx.se/docs/http-cookies.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://mobile.ubackup.com/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://mobile.ubackup.com/130003 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://sectigo.com/CPS0 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.aomeitech.com/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.aomeitech.com/101004 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.aomeitech.com/mbackupper/thanks-install.html?ver=onstd |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.aomeitech.com/mbackupper/thanks-install.html?ver=onstdOnSetup.SaveAsExtendedDataonlineme |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/download-latest-version.html0y |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/download-latest-version.htmlup |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/download-latest-version.htmluz |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=off%s) |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=onFreeo |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=onFreeq |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?edition=onFreetdxU |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/thanks-install.html?ver=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/uninstall-completed.htmlR~2 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/uninstall-completed.htmlu |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/campaign/upgrade-now.html?sourc~z |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001133000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/de/7 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/de/campaign/uninstall-completed.htmlO |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/de/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.fonetool.com/de/ux-improvement-program.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/ded |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/es/campaign/thanks-install.html?edition=off%sw |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/es/campaign/thanks-install.html?edition=onFreer |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/es/campaign/uninstall-completed.html6~ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/es/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/fo |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/fr/campaign/thanks-install.html?edition=onFreeuy |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/fr/campaign/uninstall-completed.htmli~ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/fr/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.fonetool.com/fr/ux-improvement-program.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/it/B |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/it/campaign/download-latest-version.htmlV |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/it/campaign/thanks-install.html?edition=onFreej |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/it/campaign/uninstall-c |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/it/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/E |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/campaign/thanks-install.html?edition=onFreeN |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/campaign/thanks-install.html?edition=onFreey |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/campaign/uninstall-completed.htmlH |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/jp/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/d |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.fonetool.com/jp/ux-improvement-program.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/campaign/download-latest-version.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/campaign/thanks-install.html?edition=off%s |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/campaign/thanks-install.html?edition=onFree |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/campaign/uninstall-completed.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www.fonetool.com/tw/campaign/upgrade-now.html?source= |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www.fonetool.com/tw/ux-improvement-program.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/twO |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/twlf. |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com/ux-improvement-program.html |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.com4 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.fonetool.comd |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exe |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeGa |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeN |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeR |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeZa9 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exeax/ |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.execa |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/FoneTool_free.exer |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.ini |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.iniEx |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.iniJx |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.iniUa6 |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.iniW |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.inii |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.inij |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.inim |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1678099416.0000000001177000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.0000000001182000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinefree.iniub |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010AE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinesetup.ini |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000A41000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/ftl/ftonlinesetup.inihttps://www2.aomeisoftware.com/download |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
String found in binary or memory: https://www2.aomeisoftware.com/download/mbackup/configinfo/Config/MBUpgrade.json |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000003.1658545798.00000000010DA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922874933.00000000010E4000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/mbackup/configinfo/Config/MBUpgrade.jsonuy |
Source: SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe, 00000000.00000002.2922158925.0000000000E56000.00000040.00000001.01000000.00000003.sdmp |
String found in binary or memory: https://www2.aomeisoftware.com/download/mbackup/setups/FoneTool_free.exe |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\calibril.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\taile.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\DUBAI-LIGHT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\OFFSYMSB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\OFFSYML.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.BScope.TrojanPSW.Maria.32604.16928.exe |
Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation |
Jump to behavior |