Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2894439917.0000000002999000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://thunderspy.com |
Source: CreamSodaActivityLog.txt.0.dr |
String found in binary or memory: http://thunderspy.com/manifest.xml |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2894439917.00000000028E1000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://thunderspy.com/manifest.xmlL.)lX |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0 |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.carterandcone.coml |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/? |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers/frere-user.html |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers8 |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designers? |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fontbureau.com/designersG |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.fonts.com |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn/bThe |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.founder.com.cn/cn/cThe |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.galapagosdesign.com/DPlease |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.goodfont.co.kr |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.jiyu-kobo.co.jp/ |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sajatypeworks.com |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sakkal.com |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.sandoll.co.kr |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.tiro.com |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.typography.netD |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.urwpp.deDPlease |
Source: SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe, 00000000.00000002.2895815253.0000000005E72000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.zhongyicts.com.cn |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mscoree.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dwrite.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: textshaping.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: ieframe.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: netapi32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wkscli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: sxs.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dataexchange.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: d3d11.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dcomp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dxgi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: twinapi.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: propsys.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: msiso.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: urlmon.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mshtml.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: powrprof.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: umpdc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: srpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: explorerframe.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: thumbcache.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: policymanager.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: msvcp110_win.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: msimtf.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: msls31.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: d2d1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: resourcepolicyclient.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: d3d10warp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: drprov.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: winsta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: ntlanman.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: davclnt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: davhlpr.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: cscapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dxcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: secur32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mlang.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wininet.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dlnashext.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: playtodevice.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: devdispitemprovider.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: samcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: samlib.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mmdevapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: devobj.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wpdshext.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: networkexplorer.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: portabledeviceapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: audiodev.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wmvcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: wmasf.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mfperfhelper.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: rasapi32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: rasman.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: rtutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: winnsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\OFFSYMB.TTF VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\times.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\SecuriteInfo.com.W32.ABRisk.NVJI-4581.31168.9649.exe |
Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation |
Jump to behavior |