Windows Analysis Report
ReefMasterSonarViewer1.1.42.exe

Overview

General Information

Sample name: ReefMasterSonarViewer1.1.42.exe
Analysis ID: 1431860
MD5: c62866600614868da4941c5346ff120a
SHA1: ed20d35ef4551846302185f94275553b2f3c85a3
SHA256: 0575af1327f2ad125653e40d15abde6dbabb9de5e628fa674c122f95a6c1c55a
Infos:

Detection

Score: 36
Range: 0 - 100
Whitelisted: false
Confidence: 0%

Compliance

Score: 48
Range: 0 - 100

Signatures

Snort IDS alert for network traffic
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Queries memory information (via WMI often done to detect virtual machines)
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for available system drives (often done to infect USB drives)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to query network adapater information
Contains functionality to read the PEB
Contains functionality to record screenshots
Contains functionality to retrieve information about pressed keystrokes
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Deletes files inside the Windows folder
Detected potential crypto function
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops PE files to the windows directory (C:\Windows)
Drops files with a non-matching file extension (content does not match file extension)
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found decision node followed by non-executed suspicious APIs
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Modifies existing windows services
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Stores files to the Windows start menu directory
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Uses Microsoft's Enhanced Cryptographic Provider
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15595608 GetModuleHandleA,GetProcAddress,MultiByteToWideChar,PFXImportCertStore,GetLastError,CertFindCertificateInStore,GetLastError,CertCloseStore,CertOpenStore,GetLastError,CryptStringToBinaryW,CertFindCertificateInStore,CertCloseStore,CertFreeCertificateContext,CertFreeCertificateContext, 14_2_00007FFD15595608
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15563D78 CryptGenRandom, 14_2_00007FFD15563D78
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15563A54 CryptAcquireContextA,GetLastError,CryptAcquireContextA,CryptAcquireContextA,SetLastError, 14_2_00007FFD15563A54
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15597650 CryptHashData, 14_2_00007FFD15597650
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15597604 CryptAcquireContextW,CryptCreateHash, 14_2_00007FFD15597604
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15597660 CryptGetHashParam,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, 14_2_00007FFD15597660
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15563D20 CryptReleaseContext, 14_2_00007FFD15563D20
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155A2838 GetLastError,CreateFileW,GetLastError,GetFileSizeEx,GetLastError,ReadFile,CryptQueryObject,CertAddCertificateContextToStore,CertFreeCertificateContext,GetLastError,GetLastError,GetLastError,CloseHandle, 14_2_00007FFD155A2838
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15594870 CryptAcquireContextW,CryptGenRandom,CryptReleaseContext, 14_2_00007FFD15594870
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15594934 CryptAcquireContextW,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, 14_2_00007FFD15594934
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155A2BD4 CertGetNameStringW,CertFindExtension,CryptDecodeObjectEx, 14_2_00007FFD155A2BD4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: -----BEGIN PUBLIC KEY----- 14_2_00007FFD15581CC8
Source: ReefMasterSonarViewer.exe Binary or memory string: -----BEGIN PUBLIC KEY-----

Compliance
barindex
Uses 32bit PE files
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: certificate valid
Source: unknown HTTPS traffic detected: 45.33.71.201:443 -> 192.168.11.20:50383 version: TLS 1.2
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: wininet.pdb source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149766463670.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149953380192.00000000039D4000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\Wyatt\Documents\Visual Studio 2005\Projects\limelm-native-clients\bin64\Release\TurboActivateLib.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\ExternalUICleaner.pdb, source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb\ source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.DXGI.pdbw source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027384088.000002A45F872000.00000002.00000001.01000000.0000001C.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\ExternalUICleaner.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdbl source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D9.pdb$k source: SharpDX.Direct3D9.dll.6.dr
Source: Binary string: lease\custact\x86\AICustAct.pdb source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053688162.0000000006505000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150085724522.0000000006514000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150089288030.0000000006515000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150083019662.000000000650C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082522881.0000000006505000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D9.pdb source: SharpDX.Direct3D9.dll.6.dr
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D11.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018158616.000002A45E9D2000.00000002.00000001.01000000.00000015.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdbi source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: D3DCompiler_43.pdb source: ReefMasterSonarViewer.exe, ReefMasterSonarViewer.exe, 0000000E.00000002.151034554218.00007FFD166C1000.00000020.00000001.01000000.0000000C.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.DXGI.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027384088.000002A45F872000.00000002.00000001.01000000.0000001C.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.D3DCompiler.pdb source: SharpDX.D3DCompiler.dll.6.dr
Source: Binary string: wininet.pdbUGP source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149766463670.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149953380192.00000000039D4000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D11.pdb$ source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018158616.000002A45E9D2000.00000002.00000001.01000000.00000015.sdmp
Source: Binary string: c:\Products\WpfRibbonBuild\SourceCode\trunk\DevComponents.WPF.Controls\obj\Release\DevComponents.WPF.Controls.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151019455565.000002A45EC72000.00000002.00000001.01000000.0000001A.sdmp
Source: Binary string: c:\Users\Matthew\Documents\Dev\Gong\gong-wpf-dragdrop-master\GongSolutions.Wpf.DragDrop\obj\Debug\GongSolutions.Wpf.DragDrop.pdbD source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027243378.000002A45F6D2000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018551009.000002A45EA62000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: c:\Users\Matthew\Documents\Dev\Gong\gong-wpf-dragdrop-master\GongSolutions.Wpf.DragDrop\obj\Debug\GongSolutions.Wpf.DragDrop.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027243378.000002A45F6D2000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: D3DCompiler_43.pdbH source: ReefMasterSonarViewer.exe, 0000000E.00000002.151034554218.00007FFD166C1000.00000020.00000001.01000000.0000000C.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\lzmaextractor.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbg source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\Updater.pdb source: sonarviewer_updater.exe, 0000000F.00000002.150116550309.0000000000E3B000.00000002.00000001.01000000.0000000D.sdmp, sonarviewer_updater.exe, 0000000F.00000000.150093611695.0000000000E3B000.00000002.00000001.01000000.0000000D.sdmp
Checks for available system drives (often done to infect USB drives)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: z: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: x: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: v: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: t: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: r: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: p: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: n: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: l: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: j: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: h: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: f: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: d: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: b: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: y: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: w: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: u: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: s: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: q: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: o: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: m: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: k: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: i: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: g: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: e: Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe File opened: c: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File opened: a: Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4A3A0 FindFirstFileW,GetLastError,FindClose, 5_2_00E4A3A0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E52810 FindFirstFileW,FindClose,FindClose, 5_2_00E52810
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E67100 ReadFile,FindFirstFileW,FindClose,CloseHandle,CloseHandle,CloseHandle,CreateEventW,CreateThread,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DuplicateHandle,CloseHandle, 5_2_00E67100
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E68080 FindFirstFileW,FindClose, 5_2_00E68080
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E72050 FindFirstFileW,FindClose, 5_2_00E72050
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E749E0 FindFirstFileW,FindClose, 5_2_00E749E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4EE20 FindFirstFileW,FindClose,PathIsUNCW,FindFirstFileW,GetFullPathNameW,GetFullPathNameW,FindClose,SetLastError, 5_2_00E4EE20
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E4A3A0 FindFirstFileW,GetLastError,FindClose, 9_2_00E4A3A0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155ED0C0 FindFirstFileExW, 14_2_00007FFD155ED0C0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E3ED30 GetLogicalDriveStringsW, 5_2_00E3ED30

Networking
barindex
Snort IDS alert for network traffic
Source: Traffic Snort IDS: 2834928 ETPRO MALWARE Observed Suspicious UA (AdvancedInstaller) 192.168.11.20:50378 -> 20.60.80.196:80
JA3 SSL client fingerprint seen in connection with other malware
Source: Joe Sandbox View JA3 fingerprint: ce5f3254611a8c095a3d821d44539877
Uses a known web browser user agent for HTTP communication
Source: global traffic HTTP traffic detected: POST /limelm/api/rest/ HTTP/1.1Host: wyday.comAuthorization: Basic Og==User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept: */*Accept-Encoding: brContent-Length: 782Content-Type: application/x-www-form-urlencoded
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1558F828 socket,htonl,setsockopt,bind,getsockname,listen,socket,connect,accept,send,recv,closesocket,closesocket,closesocket,closesocket, 14_2_00007FFD1558F828
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: ALShell32.dllShlwapi.dllbinSoftware\JavaSoft\Java Runtime Environment\Software\JavaSoft\Java Development Kit\JavaHomeFlashWindowExFlashWindowGetPackagePathKernel32.dllhttp://www.google.comhttp://www.example.comhttp://www.yahoo.comtin9999.tmpTEST.partattachmentHEAD "=charsetfilename123DLDutf-8POSTISO-8859-1utf-16AdvancedInstallerUS-ASCIILocal Network ServerGET*/*FTP ServerRange: bytes=%u- equals www.yahoo.com (Yahoo)
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000000.149752094953.0000000000F37000.00000002.00000001.01000000.00000004.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150087793615.0000000000F37000.00000002.00000001.01000000.00000004.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150010724584.0000000000F37000.00000002.00000001.01000000.00000004.sdmp String found in binary or memory: Shell32.dllShlwapi.dllbinSoftware\JavaSoft\Java Runtime Environment\Software\JavaSoft\Java Development Kit\JavaHomeFlashWindowExFlashWindowGetPackagePathKernel32.dllhttp://www.google.comhttp://www.example.comhttp://www.yahoo.comtin9999.tmpTEST.partattachmentHEAD "=charsetfilename123DLDutf-8POSTISO-8859-1utf-16AdvancedInstallerUS-ASCIILocal Network ServerGET*/*FTP ServerRange: bytes=%u- equals www.yahoo.com (Yahoo)
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://www.yahoo.com equals www.yahoo.com (Yahoo)
Source: global traffic DNS traffic detected: DNS query: wyday.com
Source: unknown HTTP traffic detected: POST /limelm/api/rest/ HTTP/1.1Host: wyday.comAuthorization: Basic Og==User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept: */*Accept-Encoding: brContent-Length: 782Content-Type: application/x-www-form-urlencoded
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp, TurboActivate.dll.6.dr String found in binary or memory: http://.css
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp, TurboActivate.dll.6.dr String found in binary or memory: http://.jpg
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082328381.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150087103964.000000000099C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149763968615.000000000099E000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082716103.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082845986.000000000099A000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053603692.0000000000978000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053420732.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149971177637.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011223373.0000000001260000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151016938725.000002A45E7E1000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149971177637.0000000000954000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSI28B7.tmp.6.dr String found in binary or memory: http://crl.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crl0
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082328381.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150087103964.000000000099C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149763968615.000000000099E000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082716103.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082845986.000000000099A000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053603692.0000000000978000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053420732.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149971177637.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009909403.00000000012F2000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149949641020.00000000012F6000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149949749438.00000000012F6000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011601011.00000000012F5000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009347313.00000000012E0000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151016938725.000002A45E7E1000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150088876344.00000000059A0000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crt.usertrust
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/applicationsettingscontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/datapanel.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/mouseoverpopup.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/quickaccesstoolbar.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/recentfilelistcontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/sonarviewercontrolbar.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/controls/trialwindow.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/sonarviewer/channelselectcontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/ReefMasterSonarViewer;component/sonarviewer/sonarviewerchannelgridrows.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A4469B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/Camera35.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/PlayD25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/PlayN25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/PlayO25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowMapD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowMapN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowMapO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowSonarD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowSonarN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/ShowSonarO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/StopD25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/StopN25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/ControlBarIcons/StopO25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/Help_D_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/Help_N_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/Logo_White.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/DropPinD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/DropPinN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/DropPinO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/GrabD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/GrabN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/GrabO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/PointerD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/PointerN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/PointerO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/RulerD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/RulerN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/RulerO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/ZoomD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/ZoomN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/MouseModeIcons/ZoomO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/Note16.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/QuickAccessToolbar/Open_D_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/logo.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446616000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/mouse.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44655F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://defaultcontainer/Resources/Images/save23.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A4469B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/Camera35.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/PlayD25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/PlayN25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/PlayO25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowMapD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowMapN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowMapO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowSonarD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowSonarN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/ShowSonarO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/StopD25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/StopN25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/ControlBarIcons/StopO25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/Help_D_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/Help_N_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/Logo_White.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/DropPinD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/DropPinN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/DropPinO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/GrabD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/GrabN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/GrabO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/PointerD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/PointerN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/PointerO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/RulerD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/RulerN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/RulerO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/ZoomD50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/ZoomN50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/MouseModeIcons/ZoomO50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/Note16.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/QuickAccessToolbar/Open_D_QA20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/logo.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446616000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/mouse.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44655F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/Resources/Images/save23.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/applicationsettingscontrol.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/datapanel.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/mouseoverpopup.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/quickaccesstoolbar.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/recentfilelistcontrol.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/sonarviewercontrolbar.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/controls/trialwindow.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A4469B4000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/camera35.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/playd25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/playn25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/playo25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showmapd50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showmapn50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showmapo50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showsonard50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showsonarn50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/showsonaro50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/stopd25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/stopn25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/controlbaricons/stopo25.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/help_d_qa20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/help_n_qa20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/logo.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/logo_white.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446616000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mouse.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/droppind50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/droppinn50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/droppino50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/grabd50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/grabn50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/grabo50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/pointerd50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/pointern50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/pointero50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/rulerd50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/rulern50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/rulero50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/zoomd50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/zoomn50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/mousemodeicons/zoomo50.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/note16.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/quickaccesstoolbar/open_d_qa20px.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44655F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/resources/images/save23.png
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/sonarviewer/channelselectcontrol.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/bar/sonarviewer/sonarviewerchannelgridrows.baml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/applicationsettingscontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44656D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/datapanel.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/mouseoverpopup.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/quickaccesstoolbar.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446644000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/recentfilelistcontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/sonarviewercontrolbar.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/controls/trialwindow.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/sonarviewer/channelselectcontrol.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446498000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://foo/sonarviewer/sonarviewerchannelgridrows.xaml
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp, TurboActivate.dll.6.dr String found in binary or memory: http://html4/loose.dtd
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSI28B7.tmp.6.dr String found in binary or memory: http://ocsp.comodoca.com0
Source: TurboActivate.dll.6.dr String found in binary or memory: http://ocsp.comodoca.com02
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://ocsp.digicert.com0C
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://ocsp.digicert.com0O
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://ocsp.sectigo.com0
Source: MSI28B7.tmp.6.dr, sonarviewer_updater.ini.6.dr String found in binary or memory: http://reefmastersoftware.blob.core.windows.net/sonarviewer-updates/ReefMaster
Source: sonarviewer_updater.exe, 0000000F.00000002.150115965577.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://reefmastersoftware.blob.core.windows.net/sonarviewer-updates/ReefMaster%20Sonar%20Viewer%20Up
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446013000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A446013000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://t2.symcb.com0
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://tl.symcb.com/tl.crl0
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://tl.symcb.com/tl.crt0
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://tl.symcd.com0&
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: http://www.digicert.com/CPS0
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://www.google.com
Source: ReefMasterSonarViewer.exe, 0000000E.00000000.150081123216.000002A4440B2000.00000002.00000001.01000000.0000000A.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44638D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.opencyclemap.org/
Source: ReefMasterSonarViewer.exe, 0000000E.00000000.150081123216.000002A4440B2000.00000002.00000001.01000000.0000000A.sdmp String found in binary or memory: http://www.openstreetmap.org/copyright
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44638D000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.openstreetmap.org/copyrightl
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082328381.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150087103964.000000000099C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149763968615.000000000099E000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082716103.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082845986.000000000099A000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053603692.0000000000978000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053420732.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149971177637.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011223373.0000000001260000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151016938725.000002A45E7E1000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://www.quovadis.bm0
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44686C000.00000004.00000800.00020000.00000000.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151009984417.000002A44682F000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.w3.or
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: http://www.yahoo.com
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082328381.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150087103964.000000000099C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149763968615.000000000099E000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082716103.000000000097B000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082845986.000000000099A000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053603692.0000000000978000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053420732.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149971177637.0000000000954000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011223373.0000000001260000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151016938725.000002A45E7E1000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://ocsp.quovadisoffshore.com0
Source: sonarviewer_updater.exe, 0000000F.00000002.150115965577.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp, sonarviewer_updater.exe, 0000000F.00000002.150115965577.0000000000C12000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://reefmastersoftware.blob.core.windows.net/sonarviewer-updates/ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009909403.00000000012F2000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011601011.00000000012F5000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009347313.00000000012E0000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://sectigo.com
Source: ReefMasterSonarViewer1.1.42.exe, MSI28B7.tmp.6.dr String found in binary or memory: https://sectigo.com/CPS0
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: https://sectigo.com/CPS0D
Source: TurboActivate.dll.6.dr String found in binary or memory: https://sectigo.com/CPS0U
Source: ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009909403.00000000012F2000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000002.150011601011.00000000012F5000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150009347313.00000000012E0000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://sectigo.comh
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr String found in binary or memory: https://secure.comodo.com/CPS0L
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151021160605.000002A45EE97000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://secure.gravatar.com/avatar/;
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: https://www.advancedinstaller.com
Source: ReefMasterSonarViewer1.1.42.exe, TurboActivate.dll.6.dr, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: https://www.digicert.com/CPS0
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: https://www.thawte.com/cps0/
Source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr String found in binary or memory: https://www.thawte.com/repository0W
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp, ReefMasterSonarViewer.exe, 0000000E.00000002.151022414756.000002A45EF92000.00000004.00000020.00020000.00000000.sdmp, TurboActivate.dll.6.dr String found in binary or memory: https://wyday.com/limelm/api/rest/
Source: TurboActivate.dll.6.dr String found in binary or memory: https://wyday.com/limelm/api/rest/D
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp String found in binary or memory: https://wyday.com/limelm/api/rest/httpsSignature
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50383
Source: unknown Network traffic detected: HTTP traffic on port 50383 -> 443
Source: unknown HTTPS traffic detected: 45.33.71.201:443 -> 192.168.11.20:50383 version: TLS 1.2
Contains functionality to record screenshots
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E2C110 SendMessageW,GetParent,GetParent,GetWindowRect,GetParent,GetDC,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,MapWindowPoints,FillRect,DeleteDC,SendMessageW,SendMessageW,SendMessageW, 5_2_00E2C110
Contains functionality to retrieve information about pressed keystrokes
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DF3E80 ShowWindow,ShowWindow,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,GetWindowDC,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,DeleteDC,GetWindowRect,GetWindowDC,GetWindowDC,DeleteDC,GetWindowDC,GetWindowDC,SendMessageW,DeleteDC,GetSystemMetrics,GetAsyncKeyState,GetWindowDC,TrackMouseEvent,DeleteDC,GetWindowDC,DeleteDC, 5_2_00DF3E80
Contains functionality to call native functions
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DEC1F0 NtdllDefWindowProc_W, 5_2_00DEC1F0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E34869 SetUnhandledExceptionFilter,NtdllDefWindowProc_W,KiUserCallbackDispatcher, 5_2_00E34869
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DFF960 DeleteObject,GetWindowLongW,NtdllDefWindowProc_W,GetClientRect,SendMessageW, 5_2_00DFF960
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E87BE0 NtdllDefWindowProc_W, 5_2_00E87BE0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DF3E80 ShowWindow,ShowWindow,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,GetWindowDC,GetWindowLongW,SetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SetWindowLongW,DeleteDC,GetWindowRect,GetWindowDC,GetWindowDC,DeleteDC,GetWindowDC,GetWindowDC,SendMessageW,DeleteDC,GetSystemMetrics,GetAsyncKeyState,GetWindowDC,TrackMouseEvent,DeleteDC,GetWindowDC,DeleteDC, 5_2_00DF3E80
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DEA2F8 NtdllDefWindowProc_W,SetRectEmpty, 5_2_00DEA2F8
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DF2290 NtdllDefWindowProc_W,SetWindowLongW,GetClientRect,GetParent,SetWindowLongW,ShowWindow, 5_2_00DF2290
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DBE270 GetWindowLongW,GetWindowLongW,GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,GetWindowLongW,GetWindowTextLengthW,GetWindowTextW,SetWindowTextW,GlobalAlloc,GlobalLock,GlobalUnlock,SetWindowLongW,NtdllDefWindowProc_W, 5_2_00DBE270
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DE85C0 GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W, 5_2_00DE85C0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E2A590 GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W, 5_2_00E2A590
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DEA8EA NtdllDefWindowProc_W, 5_2_00DEA8EA
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E02800 GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,SendMessageW,SetWindowPos,RedrawWindow,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetDC,GetSysColor,ReleaseDC, 5_2_00E02800
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DBE820 SysFreeString,SysAllocString,GetWindowLongW,GetWindowLongW,GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,GetWindowLongW,GetWindowTextLengthW,GetWindowTextW,SetWindowTextW,GlobalAlloc,GlobalLock,GlobalUnlock,SetWindowLongW,SysFreeString,NtdllDefWindowProc_W,SysFreeString, 5_2_00DBE820
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E0C960 NtdllDefWindowProc_W, 5_2_00E0C960
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DDABC0 CreateWindowExW,NtdllDefWindowProc_W,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetWindowTextLengthW,SendMessageW,ClientToScreen,GetWindowRect,PtInRect,SendMessageW,SendMessageW,SendMessageW,SetTimer, 5_2_00DDABC0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E0CBB0 NtdllDefWindowProc_W,GetWindowLongW,SetWindowLongW,GetWindowLongW,SetWindowLongW, 5_2_00E0CBB0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DCAD60 KillTimer,GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,DeleteCriticalSection, 5_2_00DCAD60
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DC0D00 GetWindowLongW,SetWindowLongW,NtdllDefWindowProc_W,DestroyWindow, 5_2_00DC0D00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DBEE50 NtdllDefWindowProc_W,GetSysColor, 5_2_00DBEE50
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DF3190 NtdllDefWindowProc_W,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetWindowTextLengthW,SendMessageW,ClientToScreen,GetWindowRect,PtInRect,SendMessageW,SendMessageW,SendMessageW,SetTimer, 5_2_00DF3190
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DC1320 NtdllDefWindowProc_W, 5_2_00DC1320
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DEC1F0 NtdllDefWindowProc_W, 9_2_00DEC1F0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DEA2F8 NtdllDefWindowProc_W, 9_2_00DEA2F8
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DF2290 NtdllDefWindowProc_W, 9_2_00DF2290
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DBE270 NtdllDefWindowProc_W,GlobalAlloc,GlobalLock,GlobalUnlock,NtdllDefWindowProc_W, 9_2_00DBE270
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE85C0 NtdllDefWindowProc_W, 9_2_00DE85C0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E2A590 NtdllDefWindowProc_W, 9_2_00E2A590
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DEA8EA NtdllDefWindowProc_W, 9_2_00DEA8EA
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E02800 NtdllDefWindowProc_W, 9_2_00E02800
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DBE820 SysFreeString,NtdllDefWindowProc_W,GlobalAlloc,GlobalLock,GlobalUnlock,SysFreeString,NtdllDefWindowProc_W,SysFreeString, 9_2_00DBE820
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E0C960 NtdllDefWindowProc_W, 9_2_00E0C960
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DDABC0 NtdllDefWindowProc_W, 9_2_00DDABC0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E0CBB0 NtdllDefWindowProc_W, 9_2_00E0CBB0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DCAD60 NtdllDefWindowProc_W,DeleteCriticalSection, 9_2_00DCAD60
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC0D00 NtdllDefWindowProc_W, 9_2_00DC0D00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DBEE50 NtdllDefWindowProc_W, 9_2_00DBEE50
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DF3190 NtdllDefWindowProc_W, 9_2_00DF3190
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC1320 NtdllDefWindowProc_W, 9_2_00DC1320
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC18E0 NtdllDefWindowProc_W, 9_2_00DC18E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE79F0 NtdllDefWindowProc_W, 9_2_00DE79F0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DFF960 NtdllDefWindowProc_W, 9_2_00DFF960
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DCFC50 NtdllDefWindowProc_W, 9_2_00DCFC50
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC7D10 NtdllDefWindowProc_W, 9_2_00DC7D10
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DF3E80 NtdllDefWindowProc_W,NtdllDefWindowProc_W,NtdllDefWindowProc_W, 9_2_00DF3E80
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E07E80 NtdllDefWindowProc_W, 9_2_00E07E80
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155446FC NtFlushProcessWriteBuffers, 14_2_00007FFD155446FC
Creates files inside the system directory
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\1402239.msi Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI2371.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI23EF.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI243E.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI247E.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI24CD.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI27FB.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\inprogressinstallinfo.ipi Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\SourceHash{53A352F5-DB53-4EE6-976A-81BBB0A97267} Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI28B7.tmp Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\{53A352F5-DB53-4EE6-976A-81BBB0A97267} Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\{53A352F5-DB53-4EE6-976A-81BBB0A97267}\reefmasterlogo.exe Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\140223b.msi Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\140223b.msi Jump to behavior
Deletes files inside the Windows folder
Source: C:\Windows\System32\msiexec.exe File deleted: C:\Windows\Installer\MSI2371.tmp Jump to behavior
Detected potential crypto function
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DE48B0 5_2_00DE48B0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E2C930 5_2_00E2C930
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00ED9080 5_2_00ED9080
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E5BE70 5_2_00E5BE70
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E800F0 5_2_00E800F0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DC8070 5_2_00DC8070
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DB2010 5_2_00DB2010
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EE4490 5_2_00EE4490
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EE46C2 5_2_00EE46C2
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DE2980 5_2_00DE2980
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DCCB00 5_2_00DCCB00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DE2D40 5_2_00DE2D40
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4EE20 5_2_00E4EE20
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E12FE0 5_2_00E12FE0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DD2F00 5_2_00DD2F00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DF3190 5_2_00DF3190
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EFB2BE 5_2_00EFB2BE
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EF1259 5_2_00EF1259
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EFB3DE 5_2_00EFB3DE
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC8070 9_2_00DC8070
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DB2010 9_2_00DB2010
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EE46C2 9_2_00EE46C2
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE48B0 9_2_00DE48B0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE2980 9_2_00DE2980
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E2C930 9_2_00E2C930
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DCCB00 9_2_00DCCB00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE2D40 9_2_00DE2D40
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E12FE0 9_2_00E12FE0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DD2F00 9_2_00DD2F00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DF3190 9_2_00DF3190
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E058E0 9_2_00E058E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00ED9A30 9_2_00ED9A30
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DD1B70 9_2_00DD1B70
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DD5D10 9_2_00DD5D10
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E0DE00 9_2_00E0DE00
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15595608 14_2_00007FFD15595608
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E3684 14_2_00007FFD155E3684
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15531748 14_2_00007FFD15531748
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15533188 14_2_00007FFD15533188
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15529160 14_2_00007FFD15529160
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1553DA28 14_2_00007FFD1553DA28
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1558BA24 14_2_00007FFD1558BA24
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E3918 14_2_00007FFD155E3918
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1552BABC 14_2_00007FFD1552BABC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1552C484 14_2_00007FFD1552C484
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15528194 14_2_00007FFD15528194
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155320C4 14_2_00007FFD155320C4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155383D4 14_2_00007FFD155383D4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155382C0 14_2_00007FFD155382C0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1557E268 14_2_00007FFD1557E268
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1551A2E8 14_2_00007FFD1551A2E8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15530D78 14_2_00007FFD15530D78
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15526F24 14_2_00007FFD15526F24
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1557CF30 14_2_00007FFD1557CF30
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15518F08 14_2_00007FFD15518F08
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155389C8 14_2_00007FFD155389C8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15528A74 14_2_00007FFD15528A74
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15596B10 14_2_00007FFD15596B10
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E35A0 14_2_00007FFD155E35A0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559D590 14_2_00007FFD1559D590
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155A184C 14_2_00007FFD155A184C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559D818 14_2_00007FFD1559D818
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155CF704 14_2_00007FFD155CF704
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15515714 14_2_00007FFD15515714
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556B1BC 14_2_00007FFD1556B1BC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155631BC 14_2_00007FFD155631BC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15599180 14_2_00007FFD15599180
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15549210 14_2_00007FFD15549210
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155ED0C0 14_2_00007FFD155ED0C0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E90B0 14_2_00007FFD155E90B0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E1144 14_2_00007FFD155E1144
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15527110 14_2_00007FFD15527110
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556F11C 14_2_00007FFD1556F11C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155EF3C8 14_2_00007FFD155EF3C8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155493BC 14_2_00007FFD155493BC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15579374 14_2_00007FFD15579374
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559D348 14_2_00007FFD1559D348
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15589324 14_2_00007FFD15589324
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E3DB8 14_2_00007FFD155E3DB8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15575D76 14_2_00007FFD15575D76
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15545E38 14_2_00007FFD15545E38
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155D1C94 14_2_00007FFD155D1C94
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1553BD5C 14_2_00007FFD1553BD5C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15569D06 14_2_00007FFD15569D06
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15569CF8 14_2_00007FFD15569CF8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1558DF98 14_2_00007FFD1558DF98
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559FEC4 14_2_00007FFD1559FEC4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15581E6C 14_2_00007FFD15581E6C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155259A0 14_2_00007FFD155259A0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155F19B8 14_2_00007FFD155F19B8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15517A58 14_2_00007FFD15517A58
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15575B60 14_2_00007FFD15575B60
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556FC44 14_2_00007FFD1556FC44
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559BBEC 14_2_00007FFD1559BBEC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E9AB4 14_2_00007FFD155E9AB4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559FA8C 14_2_00007FFD1559FA8C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E7B54 14_2_00007FFD155E7B54
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155424CC 14_2_00007FFD155424CC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155DC848 14_2_00007FFD155DC848
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155F0824 14_2_00007FFD155F0824
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15548830 14_2_00007FFD15548830
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155D8698 14_2_00007FFD155D8698
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155EA730 14_2_00007FFD155EA730
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155761B8 14_2_00007FFD155761B8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155EC188 14_2_00007FFD155EC188
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559E17C 14_2_00007FFD1559E17C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155780B4 14_2_00007FFD155780B4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15564070 14_2_00007FFD15564070
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556C13C 14_2_00007FFD1556C13C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155DC444 14_2_00007FFD155DC444
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15576438 14_2_00007FFD15576438
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155283E8 14_2_00007FFD155283E8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155C8354 14_2_00007FFD155C8354
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556030C 14_2_00007FFD1556030C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E2DB0 14_2_00007FFD155E2DB0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155F2E10 14_2_00007FFD155F2E10
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559CCC4 14_2_00007FFD1559CCC4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15512CA8 14_2_00007FFD15512CA8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15578CB4 14_2_00007FFD15578CB4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155DB05C 14_2_00007FFD155DB05C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155ECEB4 14_2_00007FFD155ECEB4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1554EEB8 14_2_00007FFD1554EEB8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155DCF0C 14_2_00007FFD155DCF0C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559CEFC 14_2_00007FFD1559CEFC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1555899C 14_2_00007FFD1555899C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1556C8E0 14_2_00007FFD1556C8E0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155AE8F8 14_2_00007FFD155AE8F8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15522B90 14_2_00007FFD15522B90
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155D8B98 14_2_00007FFD155D8B98
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155A4C4C 14_2_00007FFD155A4C4C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1559EBEC 14_2_00007FFD1559EBEC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155DAAA0 14_2_00007FFD155DAAA0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1552AA84 14_2_00007FFD1552AA84
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15522A84 14_2_00007FFD15522A84
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B31743 14_2_00007FFCD6B31743
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B30D9D 14_2_00007FFCD6B30D9D
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B319A9 14_2_00007FFCD6B319A9
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D23BE0 14_2_00007FFCD6D23BE0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2CF32 14_2_00007FFCD6D2CF32
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2BE79 14_2_00007FFCD6D2BE79
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2D615 14_2_00007FFCD6D2D615
Found potential string decryption / allocating functions
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DC9CE0 appears 34 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DB71C0 appears 428 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00E461B0 appears 401 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DB7920 appears 110 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DB9230 appears 63 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DB8250 appears 51 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00DB9860 appears 67 times
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: String function: 00EDC1B5 appears 63 times
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: String function: 00007FFD1551D10C appears 52 times
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: String function: 00007FFD1558637C appears 144 times
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: String function: 00007FFD155209E4 appears 34 times
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: String function: 00007FFD155DF570 appears 49 times
Sample file is different than original file name gathered from version info
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150084614346.000000000653D000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameAICustAct.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150089668826.0000000006584000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamemsi.dllX vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053347326.0000000006560000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamemsi.dllX vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150089467018.000000000653D000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameAICustAct.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150084107237.0000000006584000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamemsi.dllX vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082237170.0000000006560000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameAICustAct.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082237170.0000000006560000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamemsi.dllX vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082421167.000000000653A000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameAICustAct.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149766463670.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamewininet.dllD vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150089832258.0000000006733000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFileNameRe vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150083127641.0000000006583000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamemsi.dllX vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.150007036664.00000000039D2000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFileNameReefMasterSonarViewer1.1.42.aiuiP vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149953380192.00000000039D4000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenamewininet.dllD vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFileNameReefMasterSonarViewer1.1.42.aiuiP vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFilenamelzmaextractor.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFilenameAICustAct.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFilenameSoftwareDetector.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFilenamePrereq.dllF vs ReefMasterSonarViewer1.1.42.exe
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: OriginalFilenameExternalUICleaner.dllF vs ReefMasterSonarViewer1.1.42.exe
Uses 32bit PE files
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: TurboActivate.dll.6.dr Binary string: SHA-512SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\%s\ConnectionPnpInstanceIDWQLroot\wmi OR DeviceName="\\DEVICE\\SELECT InstanceName, DeviceName FROM MSNdis_EnumerateAdapter WHERE DeviceName="\\DEVICE\\DeviceName"SELECT InstanceName, NdisPermanentAddress FROM MSNdis_EthernetPermanentAddress WHERE InstanceName="InstanceNameNdisPermanentAddress OR InstanceName="EnableAddressReturnValueWin32_NetworkAdapter.DeviceID="root\StandardCimv2DisableDeviceIDSELECT DeviceID, PermanentAddress FROM MSFT_NetAdapter WHERE (Virtual = FALSE OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%") AND (InterfaceType = 6 OR InterfaceType = 71) AND NOT NdisPhysicalMedium = 10SELECT GUID, DeviceID FROM Win32_NetworkAdapter WHERE PhysicalAdapter = TRUE AND (PNPDeviceID LIKE "PCI\\%" OR PNPDeviceID LIKE "USB\\%" OR PNPDeviceID LIKE "SD\\%" OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%" OR PNPDeviceID LIKE "%BDRV\\%") AND NOT ServiceName LIKE "usbrndis%"PermanentAddressroot\cimv2GUIDSelect Model from Win32_DiskDriveWinmgmtSelect SystemDrive from Win32_OperatingSystemModelASSOCIATORS OF {Win32_LogicalDisk.DeviceID="SystemDriveASSOCIATORS OF {Win32_DiskPartition.DeviceID=""} WHERE AssocClass = Win32_LogicalDiskToPartition KEYSONLYSelect Model, SerialNumber from Win32_DiskDrive WHERE DeviceID=""} WHERE AssocClass = Win32_DiskDriveToDiskPartition KEYSONLYSelect Name, SerialNumber, SMBIOSBIOSVersion, Manufacturer, Version from Win32_BIOSSerialNumberParallelsVMwareSMBIOSBIOSVersionNameManufacturerVirtualBoxVersionXenProductSelect Product, Manufacturer from Win32_BaseBoardProcessorIdSelect ProcessorId, Name, Manufacturer from Win32_ProcessorCapacitySelect Capacity from Win32_PhysicalMemorySbieDll.dll
Source: classification engine Classification label: sus36.evad.winEXE@11/149@1/2
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E4DE60 FormatMessageW,GetLastError, 9_2_00E4DE60
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E72ED0 GetDiskFreeSpaceExW, 5_2_00E72ED0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E5A100 GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateToolhelp32Snapshot,CloseHandle,Process32FirstW,Process32NextW,Process32NextW,CloseHandle,CloseHandle, 5_2_00E5A100
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1552BABC CoCreateInstance,SysAllocString,SysFreeString,CoSetProxyBlanket,SysAllocString,SysAllocString,SysFreeString,SysFreeString,VariantClear,VariantClear,SysAllocString,GetModuleHandleW,GetProcAddress,SysAllocString,VariantClear,VariantClear,SysFreeString,SysFreeString,CoUninitialize, 14_2_00007FFD1552BABC
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DB90F0 LoadResource,LockResource,SizeofResource, 5_2_00DB90F0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1552C484 GetModuleHandleW,GetProcAddress,GetAdaptersInfo,GetAdaptersInfo,RegOpenKeyExA,RegQueryValueExW,RegQueryValueExW,RegCloseKey,CoInitializeEx,CoCreateInstance,SysAllocString,OpenSCManagerW,OpenServiceW,QueryServiceConfigW,GetLastError,LocalAlloc,QueryServiceConfigW,ChangeServiceConfigW,LocalFree,CloseServiceHandle,CloseServiceHandle,CoSetProxyBlanket,SysAllocString,SysFreeString,SysFreeString,SysAllocString,SysFreeString,VariantClear,SysStringLen,VariantClear,SysAllocString,SysFreeString,SysAllocString,VariantClear,SysFreeString,SysAllocString,VariantClear,SysFreeString,SysAllocString,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,VariantClear,SysFreeString,VariantClear,SysAllocString,SysFreeString,VariantClear,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,SysAllocString,SysFreeString,VariantClear,VariantClear,SysAllocString,SysFreeString,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,SysAllocString,SysFreeString,SysStringLen,VariantClear,VariantClear,SysFreeString,SysFreeString,CoUninitialize, 14_2_00007FFD1552C484
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Roaming\ReefMaster Software Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Mutant created: NULL
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Mutant created: \Sessions\1\BaseNamedObjects\8247f3dc-c865-4a80-887e-4fd45a960a00
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\shiD7E2.tmp Jump to behavior
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId, Name, Manufacturer from Win32_Processor
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File read: C:\Users\desktop.ini Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers Jump to behavior
Source: ReefMasterSonarViewer.exe String found in binary or memory: firstbit_hi(i) -> shift/bine/add sequence <| MR.Gen_RequiredTranslate
Source: ReefMasterSonarViewer.exe String found in binary or memory: firstbitlow(i) -> shift/bine/add sequence <| MR.Gen_RequiredTranslate
Source: ReefMasterSonarViewer.exe String found in binary or memory: firstbit_shi(i) -> shift/bine/add sequence <| MR.Gen_RequiredTranslate
Source: ReefMasterSonarViewer.exe String found in binary or memory: countbits(i) -> and/shift/add sequence <| MR.Gen_RequiredTranslate
Source: ReefMasterSonarViewer1.1.42.exe String found in binary or memory: INSERT INTO `` (`Property`, `Order`, `Value`, `Text`) VALUES (?,?,?,?) TEMPORARYComboBoxListBoxSELECT * FROM `%s` WHERE `Property`='%s' AND `Value`='%s'SELECT * FROM `%s` WHERE `Property`='%s'Edit[1]SELECT `Message` FROM `Error` WHERE `Error` = %sSELECT `Text` FROM `UIText` WHERE `Key` = '%s'tmpALLUSERS = 1SELECT `Attributes` FROM `Control` WHERE `Dialog_` = '%s' AND `Control` = '%s'WS_BORDERWS_CAPTIONWS_CHILDWS_CHILDWINDOWWS_CLIPCHILDRENWS_CLIPSIBLINGSWS_DISABLEDWS_DLGFRAMEWS_GROUPWS_HSCROLLWS_ICONICWS_SIZEBOXWS_SYSMENUWS_TABSTOPWS_THICKFRAMEWS_VISIBLEWS_VSCROLLWS_MAXIMIZEBOXWS_MAXIMIZEWS_MINIMIZEBOXWS_MINIMIZEWS_OVERLAPPEDWINDOWWS_OVERLAPPEDWS_POPUPWINDOWWS_POPUPWS_TILEDWINDOWWS_TILEDWS_EX_ACCEPTFILESWS_EX_APPWINDOWWS_EX_CLIENTEDGEWS_EX_CONTEXTHELPWS_EX_CONTROLPARENTWS_EX_DLGMODALFRAMEWS_EX_LEFTWS_EX_LEFTSCROLLBARWS_EX_LTRREADINGWS_EX_MDICHILDWS_EX_NOPARENTNOTIFYWS_EX_OVERLAPPEDWINDOWWS_EX_PALETTEWINDOWWS_EX_RTLREADINGWS_EX_STATICEDGEWS_EX_TOOLWINDOWWS_EX_TOPMOSTWS_EX_TRANSPARENTWS_EX_WINDOWEDGEWS_EX_RIGHTSCROLLBARWS_EX_RIGHTWS_EX_LAYEREDWS_EX_NOACTIVATEWS_EX_NOINHERITLAYOUTWS_EX_LAYOUTRTLWS_EX_COMPOSITEDWS_EXAI_TRIAL_MESSAGE_BODYAI_MSM_TRIAL_MESSAGE_BODYAI_APP_FILEAI_README_FILEAI_APP_ARGSAI_RUN_AS_ADMINMsiLogFileLocation[ProgramFilesFolder][LocalAppDataFolder]Programs\[ProgramFiles64Folder][CommonFilesFolder][LocalAppDataFolder]Programs\Common\[CommonFiles64Folder][AI_ProgramFiles][WindowsFolder][LocalAppDataFolder][SystemFolder][WindowsVolume][ProgramMenuFolder][DesktopFolder][StartupFolder][TemplateFolder][AdminToolsFolder]MIGRATEFindRelatedProductsMigrateFeatureStatesAI_SETMIXINSTLOCATIONAPPDIRAI_RESTORE_LOCATIONSELECT `ActionProperty` FROM `Upgrade`ProgramMenuFolderAI_SH_INITEDSELECT `Action`,`Target` FROM `CustomAction`SET_APPDIRSET_SHORTCUTDIRSELECT * FROM `Control` WHERE `Dialog_` = 'VerifyReadyDlg' AND `Control` = 'Install'AI_INSTALLPERUSER = "0"InstallVerifyReadyDlgSHORTCUTDIRALLUSERS = "2"MSIINSTALLPERUSER = "1"ALLUSERSVersionMsi >= "5.0"2AI_INSTALLPERUSER = "1"MSIINSTALLPERUSERAI_NEWINSTProductLanguageAI_INTANCE_LOCATIONAI_UPGRADENoLanguageVersionStringInstallLocationAI_REPLACE_PRODUCTSAI_Replaced_Versions_ListAI_Upgrade_Replace_Question_YesBackUp_AI_Upgrade_Question_YesAI_Upgrade_Question_YesAI_Upgrade_Replace_Question_NoBackUp_AI_Upgrade_Question_NoAI_Upgrade_Question_NoYesDELETE FROM `Shortcut` WHERE `Shortcut`.`Directory_`='%s'DELETE FROM `IniFile` WHERE `IniFile`.`Section`='InternetShortcut' AND`IniFile`.`DirProperty`='%s'SELECT * FROM `%s`ShortcutIniFileAI_DESKTOP_SH0AI_STARTMENU_SHAI_QUICKLAUNCH_SHAI_STARTUP_SHAI_SHORTCUTSREGNot InstalledDesktopFolderQuickLaunch_DirStartupFolderAI_SH_DIRProductName*.*Riched20.dll -user -machine -quiet -addgroup All_CodeMy_Computer_Zone -url "*" Nothing -name "" -addgroup " FullTrust -remgroup "SELECT `Component` FROM `Component`AI_ARP_SIZEARPPRODUCTICONWindowsFolderAppDataFolderInstallerARP_ICON_PATHMicrosoftAI_BIND_TCP_HOSTAI_SEARCH_TCP_PORTSockErrorAI_PORT_TEST_RESFreePortAI_BIND_TCP
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File read: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Jump to behavior
Source: unknown Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe"
Source: unknown Process created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 814FD75CA49A0CAF6F4632D049971993 C
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" /i "C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.msi" AI_EUIMSI=1 SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReefMaster Sonar Viewer" APPDIR="C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer" SECONDSEQUENCE="1" CLIENTPROCESSID="3408" CHAINERUIPROCESSID="3408Chainer" ACTION="INSTALL" EXECUTEACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="MainFeature" ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="C:\" AI_FOUND_PREREQS=".NET Framework 4.5" AI_DETECTED_DOTNET_VERSION="4.8" AI_SETUPEXEPATH="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" SETUPEXEDIR="C:\Users\user\Desktop\" EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1714054620 " AI_SETUPEXEPATH_ORIGINAL="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" TARGETDIR="C:\" AI_INSTALL="1"
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 775B6AE01A687B1CA3B58C881C9C64E9
Source: unknown Process created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe "C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe"
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe "C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe" /justcheck
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" /i "C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.msi" AI_EUIMSI=1 SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReefMaster Sonar Viewer" APPDIR="C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer" SECONDSEQUENCE="1" CLIENTPROCESSID="3408" CHAINERUIPROCESSID="3408Chainer" ACTION="INSTALL" EXECUTEACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="MainFeature" ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="C:\" AI_FOUND_PREREQS=".NET Framework 4.5" AI_DETECTED_DOTNET_VERSION="4.8" AI_SETUPEXEPATH="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" SETUPEXEDIR="C:\Users\user\Desktop\" EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1714054620 " AI_SETUPEXEPATH_ORIGINAL="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" TARGETDIR="C:\" AI_INSTALL="1" Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 814FD75CA49A0CAF6F4632D049971993 C Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 775B6AE01A687B1CA3B58C881C9C64E9 Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe "C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe" /justcheck Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: windowscodecs.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: usp10.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msls31.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: version.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: dwmapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: davhlpr.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msimg32.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: dbghelp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wininet.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cabinet.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msasn1.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: lpk.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msihnd.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: riched20.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: atlthunk.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: textinputframework.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: coreuicomponents.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: textshaping.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: explorerframe.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: tsappcmp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msisip.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: gpapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: pcacli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: edputil.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: windows.staterepositoryps.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: appresolver.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: bcp47langs.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: slc.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: sppc.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: taskschd.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: aclayers.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: sfc.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: sfc_os.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: msi.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: tsappcmp.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: wkscli.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: srclient.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: spp.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: powrprof.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: vssapi.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: vsstrace.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: umpdc.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: dsrole.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: msxml3.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: vss_ps.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: msasn1.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: msisip.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: gpapi.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: vcruntime140_clr0400.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: rstrtmgr.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: pcacli.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: cabinet.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: linkinfo.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: ntshrui.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Windows\System32\msiexec.exe Section loaded: cscapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: aclayers.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc_os.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: msi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sxs.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: windowscodecs.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: usp10.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msls31.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: version.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: dwmapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: davhlpr.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msimg32.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: dbghelp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wininet.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cabinet.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msasn1.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: lpk.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msihnd.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: riched20.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: tsappcmp.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: msisip.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: gpapi.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: pcacli.dll Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: aclayers.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc_os.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: msi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: version.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: samcli.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: logoncli.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: version.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: vcruntime140_clr0400.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: edgegdi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dwrite.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: msvcp140_clr0400.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: msasn1.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: riched20.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: usp10.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: msls31.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: gpapi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dwmapi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: d3d9.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: windowscodecs.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: mscms.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: coloradapterclient.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: windowscodecsext.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: icm32.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dlnashext.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: wpdshext.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: edputil.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: windows.staterepositoryps.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: appresolver.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: bcp47langs.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: slc.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: sppc.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dxgi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: resourcepolicyclient.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: d3d11.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dxcore.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: d3d10warp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: winhttp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: wbemcomn.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: amsi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dhcpcsvc6.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dhcpcsvc.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ondemandconnroutehelper.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: mswsock.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dnsapi.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: rasadhlp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: fwpuclnt.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: schannel.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: mskeyprotect.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: ncryptsslp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: wtsapi32.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: winsta.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: powrprof.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: umpdc.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dataexchange.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: dcomp.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: twinapi.appcore.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: resourcepolicyclient.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: textshaping.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: textinputframework.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: coreuicomponents.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: msctfui.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: uiautomationcore.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Section loaded: d3dcompiler_47.dll Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: version.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: wininet.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: msi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: mpr.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: edgegdi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: riched20.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: usp10.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: msls31.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: iertutil.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: sspicli.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: wldp.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: profapi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: ondemandconnroutehelper.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: winhttp.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: mswsock.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: winnsi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: urlmon.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: srvcli.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: netutils.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: fwpuclnt.dll
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Section loaded: ntmarta.dll
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32 Jump to behavior
Source: C:\Windows\System32\msiexec.exe File written: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.ini Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Automated click: Next >
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Automated click: Install
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Automated click: Next >
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Automated click: Next >
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Automated click: Next >
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll Jump to behavior
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: certificate valid
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Virtual size of .text is bigger than: 0x100000
Source: ReefMasterSonarViewer1.1.42.exe Static file information: File size 24704432 > 1048576
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Raw size of .text is bigger than: 0x100000 < 0x186000
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: wininet.pdb source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149766463670.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149953380192.00000000039D4000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\Wyatt\Documents\Visual Studio 2005\Projects\limelm-native-clients\bin64\Release\TurboActivateLib.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\ExternalUICleaner.pdb, source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb\ source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.DXGI.pdbw source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027384088.000002A45F872000.00000002.00000001.01000000.0000001C.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\ExternalUICleaner.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdbl source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D9.pdb$k source: SharpDX.Direct3D9.dll.6.dr
Source: Binary string: lease\custact\x86\AICustAct.pdb source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150053688162.0000000006505000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150085724522.0000000006514000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000002.150089288030.0000000006515000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150083019662.000000000650C000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.150082522881.0000000006505000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D9.pdb source: SharpDX.Direct3D9.dll.6.dr
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D11.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018158616.000002A45E9D2000.00000002.00000001.01000000.00000015.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdbi source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: D3DCompiler_43.pdb source: ReefMasterSonarViewer.exe, ReefMasterSonarViewer.exe, 0000000E.00000002.151034554218.00007FFD166C1000.00000020.00000001.01000000.0000000C.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.DXGI.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027384088.000002A45F872000.00000002.00000001.01000000.0000001C.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.D3DCompiler.pdb source: SharpDX.D3DCompiler.dll.6.dr
Source: Binary string: wininet.pdbUGP source: ReefMasterSonarViewer1.1.42.exe, 00000005.00000003.149766463670.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp, ReefMasterSonarViewer1.1.42.exe, 00000009.00000003.149953380192.00000000039D4000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.Direct3D11.pdb$ source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018158616.000002A45E9D2000.00000002.00000001.01000000.00000015.sdmp
Source: Binary string: c:\Products\WpfRibbonBuild\SourceCode\trunk\DevComponents.WPF.Controls\obj\Release\DevComponents.WPF.Controls.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151019455565.000002A45EC72000.00000002.00000001.01000000.0000001A.sdmp
Source: Binary string: c:\Users\Matthew\Documents\Dev\Gong\gong-wpf-dragdrop-master\GongSolutions.Wpf.DragDrop\obj\Debug\GongSolutions.Wpf.DragDrop.pdbD source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027243378.000002A45F6D2000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: C:\Code\SharpDX\Bin\DirectX11-Signed-net40\SharpDX.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151018551009.000002A45EA62000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: c:\Users\Matthew\Documents\Dev\Gong\gong-wpf-dragdrop-master\GongSolutions.Wpf.DragDrop\obj\Debug\GongSolutions.Wpf.DragDrop.pdb source: ReefMasterSonarViewer.exe, 0000000E.00000002.151027243378.000002A45F6D2000.00000002.00000001.01000000.0000001B.sdmp
Source: Binary string: D3DCompiler_43.pdbH source: ReefMasterSonarViewer.exe, 0000000E.00000002.151034554218.00007FFD166C1000.00000020.00000001.01000000.0000000C.sdmp
Source: Binary string: C:\JobRelease\win\Release\custact\x86\lzmaextractor.pdb source: ReefMasterSonarViewer1.1.42.exe
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbg source: ReefMasterSonarViewer1.1.42.exe, MSIDDD2.tmp.5.dr, MSID8BD.tmp.5.dr, MSIDF1F.tmp.5.dr, MSI5319.tmp.5.dr
Source: Binary string: C:\JobRelease\win\Release\stubs\x86\Updater.pdb source: sonarviewer_updater.exe, 0000000F.00000002.150116550309.0000000000E3B000.00000002.00000001.01000000.0000000D.sdmp, sonarviewer_updater.exe, 0000000F.00000000.150093611695.0000000000E3B000.00000002.00000001.01000000.0000000D.sdmp
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: ReefMasterSonarViewer1.1.42.exe Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Contains functionality to dynamically determine API calls
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4DF80 LoadLibraryW,GetProcAddress,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,LoadImageW,FreeLibrary, 5_2_00E4DF80
PE file contains sections with non-standard names
Source: shiD7E2.tmp.5.dr Static PE information: section name: .wpp_sf
Source: shiD7E2.tmp.5.dr Static PE information: section name: .didat
Uses code obfuscation techniques (call, push, ret)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_3_0091F3C8 push eax; ret 5_3_0091F3C9
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_3_0091F3C8 push eax; ret 5_3_0091F3C9
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_3_0091F3C8 push eax; ret 5_3_0091F3C9
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_3_0091F3C8 push eax; ret 5_3_0091F3C9
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EDE98C push ecx; ret 5_2_00EDE99F
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E2D2C0 push ecx; mov dword ptr [esp], 3F800000h 5_2_00E2D408
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DC5270 push ecx; mov dword ptr [esp], ecx 5_2_00DC5271
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_3_013385B1 push es; ret 9_3_013385B2
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_3_0133847D push es; ret 9_3_0133847E
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_3_01338523 push es; iretd 9_3_0133859C
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_3_013384A5 push es; iretd 9_3_0133859C
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EDE98C push ecx; ret 9_2_00EDE99F
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E2D2C0 push ecx; mov dword ptr [esp], 3F800000h 9_2_00E2D408
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DC5270 push ecx; mov dword ptr [esp], ecx 9_2_00DC5271
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E0DB70 push ecx; mov dword ptr [esp], 3F800000h 9_2_00E0DC02
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155E253A push rax; ret 14_2_00007FFD155E253D
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD166C1614 pushfq ; iretd 14_2_00007FFD166C1631
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD166CC344 push rax; ret 14_2_00007FFD166CC371
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B376D0 push ebp; ret 14_2_00007FFCD6B3779A
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B377B1 push ebp; ret 14_2_00007FFCD6B3779A
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B375BC push ebp; ret 14_2_00007FFCD6B3779A
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B342FF push ebp; ret 14_2_00007FFCD6B34302
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B3430F push ebp; ret 14_2_00007FFCD6B34312
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B37947 push ebx; retf 14_2_00007FFCD6B3794A
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6B300BD pushad ; iretd 14_2_00007FFCD6B300C1
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D22680 pushad ; retf D6D0h 14_2_00007FFCD6D22959
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2CEF9 push ecx; retf 14_2_00007FFCD6D2CEFC
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2D529 pushad ; ret 14_2_00007FFCD6D2D52A
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFCD6D2D4D7 push eax; ret 14_2_00007FFCD6D2D4D8
Drops PE files
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\FileDb.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSI5319.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Models.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI243E.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\GongSolutions.Wpf.DragDrop.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\ProgramData\Caphyon\Advanced Installer\{53A352F5-DB53-4EE6-976A-81BBB0A97267}\ReefMasterSonarViewer1.1.42.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Core.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WpfRibbon.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.Direct3D9.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.ViewModels.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDEE0.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\shi20F1.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\x86\D3DCompiler_43.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI23EF.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSID8BD.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\ExternalUICleaner.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate64.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\lzmaextractor.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDD63.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSID94B.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDDA2.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.aiui Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDDD2.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI24CD.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Controls.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Metro.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WpfEditors.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.DXGI.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDE70.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.Direct3D11.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\shiD7E2.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\de\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\nl\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI247E.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\x64\D3DCompiler_43.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.D3DCompiler.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDE02.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DotSpatial.Positioning.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI27FB.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\fr\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI2371.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.FileHandling.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDEC0.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\aicustact.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSIDF1F.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Local\Temp\MSI527C.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.dll Jump to dropped file
Drops PE files to the application program directory (C:\ProgramData)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\ProgramData\Caphyon\Advanced Installer\{53A352F5-DB53-4EE6-976A-81BBB0A97267}\ReefMasterSonarViewer1.1.42.exe Jump to dropped file
Drops PE files to the windows directory (C:\Windows)
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI27FB.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI243E.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI2371.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI247E.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI24CD.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI23EF.tmp Jump to dropped file
Drops files with a non-matching file extension (content does not match file extension)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File created: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.aiui Jump to dropped file
Modifies existing windows services
Source: C:\Windows\System32\msiexec.exe Registry key value modified: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS\Diag\SystemRestore Jump to behavior
Stores files to the Windows start menu directory
Source: C:\Windows\System32\msiexec.exe File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReefMaster Sonar Viewer Jump to behavior
Source: C:\Windows\System32\msiexec.exe File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReefMaster Sonar Viewer\ReefMaster Sonar Viewer.lnk Jump to behavior
Extensive use of GetProcAddress (often used to hide API calls)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155B7218 GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetModuleHandleW,GetProcAddress,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError, 14_2_00007FFD155B7218
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process information set: NOOPENFILEERRORBOX Jump to behavior

Malware Analysis System Evasion
barindex
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Evasive API call chain: GetPEB, DecisionNodes, ExitProcess
Queries memory information (via WMI often done to detect virtual machines)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Capacity from Win32_PhysicalMemory
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : ASSOCIATORS OF {Win32_DiskPartition.DeviceID=&quot;Disk #0, Partition #2&quot;} WHERE AssocClass = Win32_DiskDriveToDiskPartition KEYSONLY
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : select * from Win32_DiskDriveToDiskPartition where Dependent=&quot;Win32_DiskPartition.DeviceID=\&quot;Disk #0, Partition #2\&quot;&quot;
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Model, SerialNumber from Win32_DiskDrive WHERE DeviceID=&quot;\\\\.\\PHYSICALDRIVE0&quot;
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Model, SerialNumber from Win32_DiskDrive WHERE DeviceID=&quot;\\\\.\\PHYSICALDRIVE0&quot;
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Capacity from Win32_PhysicalMemory
Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : ASSOCIATORS OF {Win32_LogicalDisk.DeviceID=&quot;C:&quot;} WHERE AssocClass = Win32_LogicalDiskToPartition KEYSONLY
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : select * from Win32_LogicalDiskToPartition where Dependent=&quot;Win32_LogicalDisk.DeviceID=\&quot;C:\&quot;&quot;
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Source: TurboActivate.dll.6.dr Binary or memory string: SHA-512SYSTEM\CURRENTCONTROLSET\CONTROL\NETWORK\{4D36E972-E325-11CE-BFC1-08002BE10318}\%S\CONNECTIONPNPINSTANCEIDWQLROOT\WMI OR DEVICENAME="\\DEVICE\\SELECT INSTANCENAME, DEVICENAME FROM MSNDIS_ENUMERATEADAPTER WHERE DEVICENAME="\\DEVICE\\DEVICENAME"SELECT INSTANCENAME, NDISPERMANENTADDRESS FROM MSNDIS_ETHERNETPERMANENTADDRESS WHERE INSTANCENAME="INSTANCENAMENDISPERMANENTADDRESS OR INSTANCENAME="ENABLEADDRESSRETURNVALUEWIN32_NETWORKADAPTER.DEVICEID="ROOT\STANDARDCIMV2DISABLEDEVICEIDSELECT DEVICEID, PERMANENTADDRESS FROM MSFT_NETADAPTER WHERE (VIRTUAL = FALSE OR PNPDEVICEID LIKE "XEN%\\%" OR PNPDEVICEID LIKE "VMBUS\\%") AND (INTERFACETYPE = 6 OR INTERFACETYPE = 71) AND NOT NDISPHYSICALMEDIUM = 10SELECT GUID, DEVICEID FROM WIN32_NETWORKADAPTER WHERE PHYSICALADAPTER = TRUE AND (PNPDEVICEID LIKE "PCI\\%" OR PNPDEVICEID LIKE "USB\\%" OR PNPDEVICEID LIKE "SD\\%" OR PNPDEVICEID LIKE "XEN%\\%" OR PNPDEVICEID LIKE "VMBUS\\%" OR PNPDEVICEID LIKE "%BDRV\\%") AND NOT SERVICENAME LIKE "USBRNDIS%"PERMANENTADDRESSROOT\CIMV2GUIDSELECT MODEL FROM WIN32_DISKDRIVEWINMGMTSELECT SYSTEMDRIVE FROM WIN32_OPERATINGSYSTEMMODELASSOCIATORS OF {WIN32_LOGICALDISK.DEVICEID="SYSTEMDRIVEASSOCIATORS OF {WIN32_DISKPARTITION.DEVICEID=""} WHERE ASSOCCLASS = WIN32_LOGICALDISKTOPARTITION KEYSONLYSELECT MODEL, SERIALNUMBER FROM WIN32_DISKDRIVE WHERE DEVICEID=""} WHERE ASSOCCLASS = WIN32_DISKDRIVETODISKPARTITION KEYSONLYSELECT NAME, SERIALNUMBER, SMBIOSBIOSVERSION, MANUFACTURER, VERSION FROM WIN32_BIOSSERIALNUMBERPARALLELSVMWARESMBIOSBIOSVERSIONNAMEMANUFACTURERVIRTUALBOXVERSIONXENPRODUCTSELECT PRODUCT, MANUFACTURER FROM WIN32_BASEBOARDPROCESSORIDSELECT PROCESSORID, NAME, MANUFACTURER FROM WIN32_PROCESSORCAPACITYSELECT CAPACITY FROM WIN32_PHYSICALMEMORYSBIEDLL.DLL
Source: ReefMasterSonarViewer.exe Binary or memory string: SBIEDLL.DLL
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp Binary or memory string: SHA-512SYSTEM\CURRENTCONTROLSET\CONTROL\NETWORK\{4D36E972-E325-11CE-BFC1-08002BE10318}\%S\CONNECTIONROOT\WMIWQLPNPINSTANCEID"DEVICENAMESELECT INSTANCENAME, DEVICENAME FROM MSNDIS_ENUMERATEADAPTER WHERE DEVICENAME="\\DEVICE\\ OR DEVICENAME="\\DEVICE\\ OR INSTANCENAME="NDISPERMANENTADDRESSINSTANCENAMESELECT INSTANCENAME, NDISPERMANENTADDRESS FROM MSNDIS_ETHERNETPERMANENTADDRESS WHERE INSTANCENAME="WIN32_NETWORKADAPTER.DEVICEID="RETURNVALUEADDRESSENABLESELECT DEVICEID, PERMANENTADDRESS FROM MSFT_NETADAPTER WHERE (VIRTUAL = FALSE OR PNPDEVICEID LIKE "XEN%\\%" OR PNPDEVICEID LIKE "VMBUS\\%") AND (INTERFACETYPE = 6 OR INTERFACETYPE = 71) AND NOT NDISPHYSICALMEDIUM = 10DEVICEIDDISABLEROOT\STANDARDCIMV2GUIDROOT\CIMV2PERMANENTADDRESSSELECT GUID, DEVICEID FROM WIN32_NETWORKADAPTER WHERE PHYSICALADAPTER = TRUE AND (PNPDEVICEID LIKE "PCI\\%" OR PNPDEVICEID LIKE "USB\\%" OR PNPDEVICEID LIKE "SD\\%" OR PNPDEVICEID LIKE "XEN%\\%" OR PNPDEVICEID LIKE "VMBUS\\%" OR PNPDEVICEID LIKE "%BDRV\\%") AND NOT SERVICENAME LIKE "USBRNDIS%"MODELSELECT SYSTEMDRIVE FROM WIN32_OPERATINGSYSTEMWINMGMTSELECT MODEL FROM WIN32_DISKDRIVE"} WHERE ASSOCCLASS = WIN32_LOGICALDISKTOPARTITION KEYSONLYASSOCIATORS OF {WIN32_DISKPARTITION.DEVICEID="SYSTEMDRIVEASSOCIATORS OF {WIN32_LOGICALDISK.DEVICEID="SERIALNUMBERSELECT NAME, SERIALNUMBER, SMBIOSBIOSVERSION, MANUFACTURER, VERSION FROM WIN32_BIOS"} WHERE ASSOCCLASS = WIN32_DISKDRIVETODISKPARTITION KEYSONLYSELECT MODEL, SERIALNUMBER FROM WIN32_DISKDRIVE WHERE DEVICEID="NAMESMBIOSBIOSVERSIONVMWAREPARALLELSXENVERSIONVIRTUALBOXMANUFACTURERSELECT PROCESSORID, NAME, MANUFACTURER FROM WIN32_PROCESSORPROCESSORIDSELECT PRODUCT, MANUFACTURER FROM WIN32_BASEBOARDPRODUCTSBIEDLL.DLLSELECT CAPACITY FROM WIN32_PHYSICALMEMORYCAPACITY
Allocates memory with a write watch (potentially for evading sandboxes)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Memory allocated: 2A444690000 memory reserve | memory write watch Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Memory allocated: 2A45DFE0000 memory reserve | memory write watch Jump to behavior
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E5A100 GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateToolhelp32Snapshot,CloseHandle,Process32FirstW,Process32NextW,Process32NextW,CloseHandle,CloseHandle, 5_2_00E5A100
Contains functionality to query network adapater information
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetModuleHandleW,GetProcAddress,GetAdaptersInfo,GetAdaptersInfo,RegOpenKeyExA,RegQueryValueExW,RegQueryValueExW,RegCloseKey,CoInitializeEx,CoCreateInstance,SysAllocString,OpenSCManagerW,OpenServiceW,QueryServiceConfigW,GetLastError,LocalAlloc,QueryServiceConfigW,ChangeServiceConfigW,LocalFree,CloseServiceHandle,CloseServiceHandle,CoSetProxyBlanket,SysAllocString,SysFreeString,SysFreeString,SysAllocString,SysFreeString,VariantClear,SysStringLen,VariantClear,SysAllocString,SysFreeString,SysAllocString,VariantClear,SysFreeString,SysAllocString,VariantClear,SysFreeString,SysAllocString,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,VariantClear,SysFreeString,VariantClear,SysAllocString,SysFreeString,VariantClear,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,SysAllocString,SysFreeString,VariantClear,VariantClear,SysAllocString,SysFreeString,SysStringLen,VariantClear,VariantClear,VariantClear,VariantClear,SysAllocString,SysFreeString,SysStringLen,VariantClear,VariantClear,SysFreeString,SysFreeString,CoUninitialize, 14_2_00007FFD1552C484
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Window / User API: threadDelayed 9961 Jump to behavior
Found decision node followed by non-executed suspicious APIs
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Decision node followed by non-executed suspicious API: DecisionNode, Non Executed (send or recv or WinExec)
Found dropped PE file which has not been started or loaded
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\FileDb.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSI5319.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Models.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI243E.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\ProgramData\Caphyon\Advanced Installer\{53A352F5-DB53-4EE6-976A-81BBB0A97267}\ReefMasterSonarViewer1.1.42.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\GongSolutions.Wpf.DragDrop.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Core.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WpfRibbon.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.Direct3D9.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.ViewModels.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDEE0.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\shi20F1.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI23EF.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\x86\D3DCompiler_43.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSID8BD.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\ExternalUICleaner.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate64.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\lzmaextractor.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDD63.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSID94B.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDDA2.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.aiui Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDDD2.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI24CD.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Controls.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Metro.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WpfEditors.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDE70.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.Direct3D11.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\shiD7E2.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\de\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\nl\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI247E.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\x64\D3DCompiler_43.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.D3DCompiler.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDE02.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\TurboActivate.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DotSpatial.Positioning.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI27FB.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\fr\ReefMasterSonarViewer.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI2371.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.FileHandling.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDEC0.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSIDF1F.tmp Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\aicustact.dll Jump to dropped file
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\MSI527C.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.dll Jump to dropped file
Found evasive API chain (date check)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Evasive API call chain: GetSystemTimeAsFileTime,DecisionNodes
Found large amount of non-executed APIs
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe API coverage: 6.9 %
May sleep (evasive loops) to hinder dynamic analysis
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe TID: 1220 Thread sleep time: -30000s >= -30000s Jump to behavior
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Name, SerialNumber, SMBIOSBIOSVersion, Manufacturer, Version from Win32_BIOS
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select Product, Manufacturer from Win32_BaseBoard
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId, Name, Manufacturer from Win32_Processor
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\Users\user\AppData\Roaming FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4A3A0 FindFirstFileW,GetLastError,FindClose, 5_2_00E4A3A0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E52810 FindFirstFileW,FindClose,FindClose, 5_2_00E52810
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E67100 ReadFile,FindFirstFileW,FindClose,CloseHandle,CloseHandle,CloseHandle,CreateEventW,CreateThread,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,DuplicateHandle,CloseHandle, 5_2_00E67100
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E68080 FindFirstFileW,FindClose, 5_2_00E68080
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E72050 FindFirstFileW,FindClose, 5_2_00E72050
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E749E0 FindFirstFileW,FindClose, 5_2_00E749E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4EE20 FindFirstFileW,FindClose,PathIsUNCW,FindFirstFileW,GetFullPathNameW,GetFullPathNameW,FindClose,SetLastError, 5_2_00E4EE20
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00E4A3A0 FindFirstFileW,GetLastError,FindClose, 9_2_00E4A3A0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155ED0C0 FindFirstFileExW, 14_2_00007FFD155ED0C0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E3ED30 GetLogicalDriveStringsW, 5_2_00E3ED30
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E3BD00 GetProcAddress,GetCurrentProcess,GetProcAddress,GetNativeSystemInfo,GetSystemInfo, 5_2_00E3BD00
Source: TurboActivate.dll.6.dr Binary or memory string: SHA-512SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\%s\ConnectionPnpInstanceIDWQLroot\wmi OR DeviceName="\\DEVICE\\SELECT InstanceName, DeviceName FROM MSNdis_EnumerateAdapter WHERE DeviceName="\\DEVICE\\DeviceName"SELECT InstanceName, NdisPermanentAddress FROM MSNdis_EthernetPermanentAddress WHERE InstanceName="InstanceNameNdisPermanentAddress OR InstanceName="EnableAddressReturnValueWin32_NetworkAdapter.DeviceID="root\StandardCimv2DisableDeviceIDSELECT DeviceID, PermanentAddress FROM MSFT_NetAdapter WHERE (Virtual = FALSE OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%") AND (InterfaceType = 6 OR InterfaceType = 71) AND NOT NdisPhysicalMedium = 10SELECT GUID, DeviceID FROM Win32_NetworkAdapter WHERE PhysicalAdapter = TRUE AND (PNPDeviceID LIKE "PCI\\%" OR PNPDeviceID LIKE "USB\\%" OR PNPDeviceID LIKE "SD\\%" OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%" OR PNPDeviceID LIKE "%BDRV\\%") AND NOT ServiceName LIKE "usbrndis%"PermanentAddressroot\cimv2GUIDSelect Model from Win32_DiskDriveWinmgmtSelect SystemDrive from Win32_OperatingSystemModelASSOCIATORS OF {Win32_LogicalDisk.DeviceID="SystemDriveASSOCIATORS OF {Win32_DiskPartition.DeviceID=""} WHERE AssocClass = Win32_LogicalDiskToPartition KEYSONLYSelect Model, SerialNumber from Win32_DiskDrive WHERE DeviceID=""} WHERE AssocClass = Win32_DiskDriveToDiskPartition KEYSONLYSelect Name, SerialNumber, SMBIOSBIOSVersion, Manufacturer, Version from Win32_BIOSSerialNumberParallelsVMwareSMBIOSBIOSVersionNameManufacturerVirtualBoxVersionXenProductSelect Product, Manufacturer from Win32_BaseBoardProcessorIdSelect ProcessorId, Name, Manufacturer from Win32_ProcessorCapacitySelect Capacity from Win32_PhysicalMemorySbieDll.dll
Source: ReefMasterSonarViewer.exe Binary or memory string: VMware
Source: sonarviewer_updater.exe, 0000000F.00000002.150115965577.0000000000BDD000.00000004.00000020.00020000.00000000.sdmp, sonarviewer_updater.exe, 0000000F.00000002.150115965577.0000000000C12000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Hyper-V RAW
Source: ReefMasterSonarViewer1.1.42.exe Binary or memory string: 01234567890.0.0.0.%dVMware, Inc.VMware Virtual PlatformVMware7,1innotek GmbHVirtualBoxMicrosoft CorporationVirtual MachineVRTUALACRSYSA M IROOT\CIMV2SELECT * FROM Win32_ComputerSystemSELECT * FROM Win32_BIOSManufacturerModelVersionGetting system informationManufacturer [Model [BIOS [IsWow64Processkernel32Software\Microsoft\Windows NT\CurrentVersionSYSTEM\CurrentControlSet\Control\ProductOptionsCurrentMajorVersionNumberCurrentMinorVersionNumberCurrentVersionCurrentBuildNumberReleaseIdCSDVersionProductTypeProductSuiteWinNTServerNTSmall BusinessEnterpriseBackOfficeCommunicationServerTerminal ServerSmall Business(Restricted)EmbeddedNTDataCenterPersonalBladeEmbedded(Restricted)Security ApplianceStorage ServerCompute Server Failed to create IWbemLocator object. Error code: \\Could not connect to WMI provider. Error code: Failed to initialize security. Error code: Could not set proxy blanket. Error code: WQLWMI Query failed: []. Error code:
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151021160605.000002A45EE60000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: ReefMasterSonarViewer.exe, 0000000E.00000002.151033527663.00007FFD155FE000.00000002.00000001.01000000.0000000E.sdmp Binary or memory string: SHA-512SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\%s\Connectionroot\wmiWQLPnpInstanceID"DeviceNameSELECT InstanceName, DeviceName FROM MSNdis_EnumerateAdapter WHERE DeviceName="\\DEVICE\\ OR DeviceName="\\DEVICE\\ OR InstanceName="NdisPermanentAddressInstanceNameSELECT InstanceName, NdisPermanentAddress FROM MSNdis_EthernetPermanentAddress WHERE InstanceName="Win32_NetworkAdapter.DeviceID="ReturnValueAddressEnableSELECT DeviceID, PermanentAddress FROM MSFT_NetAdapter WHERE (Virtual = FALSE OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%") AND (InterfaceType = 6 OR InterfaceType = 71) AND NOT NdisPhysicalMedium = 10DeviceIDDisableroot\StandardCimv2GUIDroot\cimv2PermanentAddressSELECT GUID, DeviceID FROM Win32_NetworkAdapter WHERE PhysicalAdapter = TRUE AND (PNPDeviceID LIKE "PCI\\%" OR PNPDeviceID LIKE "USB\\%" OR PNPDeviceID LIKE "SD\\%" OR PNPDeviceID LIKE "XEN%\\%" OR PNPDeviceID LIKE "VMBUS\\%" OR PNPDeviceID LIKE "%BDRV\\%") AND NOT ServiceName LIKE "usbrndis%"ModelSelect SystemDrive from Win32_OperatingSystemWinmgmtSelect Model from Win32_DiskDrive"} WHERE AssocClass = Win32_LogicalDiskToPartition KEYSONLYASSOCIATORS OF {Win32_DiskPartition.DeviceID="SystemDriveASSOCIATORS OF {Win32_LogicalDisk.DeviceID="SerialNumberSelect Name, SerialNumber, SMBIOSBIOSVersion, Manufacturer, Version from Win32_BIOS"} WHERE AssocClass = Win32_DiskDriveToDiskPartition KEYSONLYSelect Model, SerialNumber from Win32_DiskDrive WHERE DeviceID="NameSMBIOSBIOSVersionVMwareParallelsXenVersionVirtualBoxManufacturerSelect ProcessorId, Name, Manufacturer from Win32_ProcessorProcessorIdSelect Product, Manufacturer from Win32_BaseBoardProductSbieDll.dllSelect Capacity from Win32_PhysicalMemoryCapacity
Source: C:\Windows\System32\msiexec.exe Process information queried: ProcessInformation Jump to behavior
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EE2823 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 5_2_00EE2823
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155A5AF0 GetLastError,IsDebuggerPresent,OutputDebugStringW, 14_2_00007FFD155A5AF0
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E5A100 GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateToolhelp32Snapshot,CloseHandle,Process32FirstW,Process32NextW,Process32NextW,CloseHandle,CloseHandle, 5_2_00E5A100
Contains functionality to dynamically determine API calls
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E4DF80 LoadLibraryW,GetProcAddress,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,LoadImageW,FreeLibrary, 5_2_00E4DF80
Contains functionality to read the PEB
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EF825A mov eax, dword ptr fs:[00000030h] 5_2_00EF825A
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EED4DF mov eax, dword ptr fs:[00000030h] 5_2_00EED4DF
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EF825A mov eax, dword ptr fs:[00000030h] 9_2_00EF825A
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EED4DF mov eax, dword ptr fs:[00000030h] 9_2_00EED4DF
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EDBAAD mov esi, dword ptr fs:[00000030h] 9_2_00EDBAAD
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EDBB19 GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree, 5_2_00EDBB19
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00DE08E0 SetUnhandledExceptionFilter, 5_2_00DE08E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E34869 SetUnhandledExceptionFilter,NtdllDefWindowProc_W,KiUserCallbackDispatcher, 5_2_00E34869
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EDE310 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 5_2_00EDE310
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EE2823 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 5_2_00EE2823
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00DE08E0 SetUnhandledExceptionFilter, 9_2_00DE08E0
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EDE310 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 9_2_00EDE310
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 9_2_00EE2823 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 9_2_00EE2823
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD15579C70 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 14_2_00007FFD15579C70
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1557A44C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 14_2_00007FFD1557A44C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155D2984 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 14_2_00007FFD155D2984
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Memory allocated: page read and write | page guard Jump to behavior
Creates a process in suspended mode (likely to inject code)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" /i "C:\Users\user\AppData\Roaming\ReefMaster Software\ReefMaster Sonar Viewer 1.1.42.0\install\ReefMasterSonarViewer1.1.42.msi" AI_EUIMSI=1 SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReefMaster Sonar Viewer" APPDIR="C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer" SECONDSEQUENCE="1" CLIENTPROCESSID="3408" CHAINERUIPROCESSID="3408Chainer" ACTION="INSTALL" EXECUTEACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="MainFeature" ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="C:\" AI_FOUND_PREREQS=".NET Framework 4.5" AI_DETECTED_DOTNET_VERSION="4.8" AI_SETUPEXEPATH="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" SETUPEXEDIR="C:\Users\user\Desktop\" EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1714054620 " AI_SETUPEXEPATH_ORIGINAL="C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe" TARGETDIR="C:\" AI_INSTALL="1" Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Process created: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe "C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\sonarviewer_updater.exe" /justcheck Jump to behavior
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" /i "c:\users\user\appdata\roaming\reefmaster software\reefmaster sonar viewer 1.1.42.0\install\reefmastersonarviewer1.1.42.msi" ai_euimsi=1 shortcutdir="c:\programdata\microsoft\windows\start menu\programs\reefmaster sonar viewer" appdir="c:\program files (x86)\reefmaster software\reefmaster sonar viewer" secondsequence="1" clientprocessid="3408" chaineruiprocessid="3408chainer" action="install" executeaction="install" clientuilevel="0" addlocal="mainfeature" allusers="1" primaryfolder="appdir" rootdrive="c:\" ai_found_prereqs=".net framework 4.5" ai_detected_dotnet_version="4.8" ai_setupexepath="c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" setupexedir="c:\users\user\desktop\" exe_cmd_line="/exenoupdates /forcecleanup /wintime 1714054620 " ai_setupexepath_original="c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" targetdir="c:\" ai_install="1"
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Process created: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe "c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" /i "c:\users\user\appdata\roaming\reefmaster software\reefmaster sonar viewer 1.1.42.0\install\reefmastersonarviewer1.1.42.msi" ai_euimsi=1 shortcutdir="c:\programdata\microsoft\windows\start menu\programs\reefmaster sonar viewer" appdir="c:\program files (x86)\reefmaster software\reefmaster sonar viewer" secondsequence="1" clientprocessid="3408" chaineruiprocessid="3408chainer" action="install" executeaction="install" clientuilevel="0" addlocal="mainfeature" allusers="1" primaryfolder="appdir" rootdrive="c:\" ai_found_prereqs=".net framework 4.5" ai_detected_dotnet_version="4.8" ai_setupexepath="c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" setupexedir="c:\users\user\desktop\" exe_cmd_line="/exenoupdates /forcecleanup /wintime 1714054620 " ai_setupexepath_original="c:\users\user\desktop\reefmastersonarviewer1.1.42.exe" targetdir="c:\" ai_install="1" Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155314E4 AllocateAndInitializeSid,SetEntriesInAclW,LocalAlloc,InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateDirectoryW,GetLastError,SetFileAttributesW,CreateFileW,GetLastError,CloseHandle,FreeSid,LocalFree,LocalFree, 14_2_00007FFD155314E4
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00E74E80 GetCurrentProcess,OpenProcessToken,GetLastError,GetTokenInformation,GetTokenInformation,GetLastError,GetTokenInformation,AllocateAndInitializeSid,EqualSid,FreeSid,GetLastError,FindCloseChangeNotification, 5_2_00E74E80
Contains functionality to query CPU information (cpuid)
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EDDE86 cpuid 5_2_00EDDE86
Contains functionality to query locales information (e.g. system language)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetACP,IsValidCodePage,GetLocaleInfoW, 14_2_00007FFD155F1F5C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetLocaleInfoW, 14_2_00007FFD155F265C
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, 14_2_00007FFD155F27B4
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetLocaleInfoW, 14_2_00007FFD155E6770
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: EnumSystemLocalesW, 14_2_00007FFD155E61A0
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: EnumSystemLocalesW, 14_2_00007FFD155F2378
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW, 14_2_00007FFD155F2410
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: EnumSystemLocalesW, 14_2_00007FFD155F22A8
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: EnumSystemLocalesW,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW, 14_2_00007FFD155F2990
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: GetLocaleInfoW, 14_2_00007FFD155F2864
Queries the volume information (name, serial number etc) of a device
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_close_down.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_close_hot.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_close_normal.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_close_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_min_down.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_min_hot.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_min_normal.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\sys_min_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_left.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_left_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_mid.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_mid_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_caption.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_caption_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_right.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_top_right_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_left.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_left_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_right.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_right_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_left.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_left_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_mid.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_mid_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_right.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\frame_bottom_right_inactive.bmp VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\background VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3408\exitbackground VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.Direct3D11.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Controls.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Models.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.Core.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\DevComponents.WPF.Metro.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMaster.ViewModels.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\GongSolutions.Wpf.DragDrop.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\SharpDX.DXGI.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\DIBsection\4c0b9aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\win-net\9c0b4aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\win-net\9c0b4aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\DIBsection\4c0b9aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\DIBsection\4c0b9aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemXml\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemXml.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework-SystemCore\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemCore.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\DIBsection\4c0b9aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Queries volume information: C:\ProgramData\DIBsection\4c0b9aec54b82b64e042e8.84979931 VolumeInformation Jump to behavior
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EA2250 CreateNamedPipeW,CreateFileW, 5_2_00EA2250
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EDEF75 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter, 5_2_00EDEF75
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Code function: 5_2_00EF00D9 GetTimeZoneInformation, 5_2_00EF00D9
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155AB850 GetVersionExW, 14_2_00007FFD155AB850
Source: C:\Users\user\Desktop\ReefMasterSonarViewer1.1.42.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid Jump to behavior
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD1558F828 socket,htonl,setsockopt,bind,getsockname,listen,socket,connect,accept,send,recv,closesocket,closesocket,closesocket,closesocket, 14_2_00007FFD1558F828
Source: C:\Program Files (x86)\ReefMaster Software\ReefMaster Sonar Viewer\ReefMasterSonarViewer.exe Code function: 14_2_00007FFD155878F0 htons,htons,htons,bind,htons,bind,getsockname,WSAGetLastError,WSAGetLastError, 14_2_00007FFD155878F0
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1431860 Sample: ReefMasterSonarViewer1.1.42.exe Startdate: 25/04/2024 Architecture: WINDOWS Score: 36 45 wyday.com 2->45 51 Snort IDS alert for network traffic 2->51 53 Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines) 2->53 55 Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines) 2->55 57 3 other signatures 2->57 7 msiexec.exe 140 88 2->7         started        10 ReefMasterSonarViewer1.1.42.exe 92 2->10         started        13 ReefMasterSonarViewer.exe 8 44 2->13         started        signatures3 process4 dnsIp5 29 C:\...\ReefMasterSonarViewer.exe, PE32 7->29 dropped 31 C:\Windows\Installer\MSI27FB.tmp, PE32 7->31 dropped 33 C:\Windows\Installer\MSI24CD.tmp, PE32 7->33 dropped 41 29 other files (none is malicious) 7->41 dropped 16 msiexec.exe 7->16         started        18 msiexec.exe 7->18         started        35 C:\Users\...\ReefMasterSonarViewer1.1.42.aiui, PE32 10->35 dropped 37 C:\Users\user\AppData\Local\...\shiD7E2.tmp, PE32+ 10->37 dropped 39 C:\Users\user\AppData\Local\...\MSIDF1F.tmp, PE32 10->39 dropped 43 14 other files (none is malicious) 10->43 dropped 59 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 10->59 20 ReefMasterSonarViewer1.1.42.exe 11 10->20         started        47 wyday.com 45.33.71.201, 443, 50383 LINODE-APLinodeLLCUS United States 13->47 49 127.0.0.1 unknown unknown 13->49 61 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 13->61 23 sonarviewer_updater.exe 13->23         started        file6 signatures7 process8 file9 25 C:\Users\user\AppData\Local\...\shi20F1.tmp, PE32+ 20->25 dropped 27 C:\...\ReefMasterSonarViewer1.1.42.exe, PE32 20->27 dropped
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
45.33.71.201
 wyday.com United States
63949 LINODE-APLinodeLLCUS false

Private

IP
127.0.0.1

Contacted Domains

Name IP Active
wyday.com 45.33.71.201 true