| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016C52 _stat64,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016C52 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C009D87 malloc,FindClose,FindFirstFileW,FindNextFileW,FindClose, |
30_2_7C009D87 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015DA9 _wfindfirst,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C015DA9 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017E1B _wstati64,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017E1B |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015F6A _wfindfirst64,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C015F6A |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016F7D _stati64,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016F7D |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C009899 malloc,FindClose,FindFirstFileA,FindNextFileA,FindClose, |
30_2_7C009899 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016901 _stat,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016901 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C01592E _findfirst64,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C01592E |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017A60 _wstat64,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017A60 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015B43 _findfirsti64,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C015B43 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015707 _findfirst,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C015707 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017777 _wstat,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017777 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C01617F _wfindfirsti64,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C01617F |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1369733416.0000000002888000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.000000000365D000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://counter-strike.com.ua/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, is-MDLV9.tmp.1.dr, is-I44SO.tmp.1.dr, is-3HOGA.tmp.1.dr, is-DIJ9B.tmp.1.dr, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp.0.dr |
String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, is-MDLV9.tmp.1.dr, is-I44SO.tmp.1.dr, is-3HOGA.tmp.1.dr, is-DIJ9B.tmp.1.dr, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp.0.dr |
String found in binary or memory: http://crl.comodoca.com/COMODORSACodeSigningCA.crl0t |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp.0.dr |
String found in binary or memory: http://ocsp.comodoca.com0 |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002293000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.000000000365D000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.dk-soft.org/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002293000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.0000000002330000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.haysoft.org%1-k |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1139734999.000000007FCC0000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1139457880.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000000.1140656079.0000000000401000.00000020.00000001.01000000.00000004.sdmp, is-3HOGA.tmp.1.dr, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp.0.dr |
String found in binary or memory: http://www.innosetup.com/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe |
String found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002293000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.0000000002330000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: http://www.palkornel.hu/innosetup%1 |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1139734999.000000007FCC0000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1139457880.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000000.1140656079.0000000000401000.00000020.00000001.01000000.00000004.sdmp, is-3HOGA.tmp.1.dr, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp.0.dr |
String found in binary or memory: http://www.remobjects.com/ps |
| Source: is-MDLV9.tmp.1.dr |
String found in binary or memory: http://www.steadymouse.com/donations/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000245A000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.0000000003637000.00000004.00001000.00020000.00000000.sdmp, SteadyMouse on Keybase.url.1.dr |
String found in binary or memory: https://keybase.io/steadymouse |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://keybase.io/steadymouse( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000245A000.00000004.00001000.00020000.00000000.sdmp, SteadyMouse on Twitter.url.1.dr |
String found in binary or memory: https://twitter.com/steadymouse |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://twitter.com/steadymouse( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000244C000.00000004.00001000.00020000.00000000.sdmp, SteadyMouse on Instagram.url.1.dr |
String found in binary or memory: https://www.instagram.com/steadymouse/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.instagram.com/steadymouse/( |
| Source: SteadyMouse on Product Hunt.url.1.dr |
String found in binary or memory: https://www.producthunt.com/posts/steadymouse |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.producthunt.com/posts/steadymouse( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.00000000023F5000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.producthunt.com/posts/steadymouseq |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000244C000.00000004.00001000.00020000.00000000.sdmp, SteadyMouse on Reddit.url.1.dr |
String found in binary or memory: https://www.reddit.com/r/steadymouse/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.reddit.com/r/steadymouse/( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002343000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1360715363.0000000006CE6000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.00000000023AC000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.00000000035D6000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1366558728.0000000000828000.00000004.00000020.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000002.1367404811.000000000018E000.00000004.00000010.00020000.00000000.sdmp, notepad.exe, 0000001D.00000002.2390484285.0000000000798000.00000004.00000020.00020000.00000000.sdmp, is-M4DE7.tmp.1.dr |
String found in binary or memory: https://www.steadymouse.com |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000245A000.00000004.00001000.00020000.00000000.sdmp, View Website.url.1.dr |
String found in binary or memory: https://www.steadymouse.com/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/8https://www.steadymouse.com/8https://www.steadymouse.com/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002343000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.00000000023AC000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.00000000035D6000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1366558728.0000000000828000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/purchase/ |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.00000000023F5000.00000004.00001000.00020000.00000000.sdmp, Purchase Full Version.url.1.dr |
String found in binary or memory: https://www.steadymouse.com/purchase/#buynow |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/purchase/#buynow( |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.00000000023BA000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.000000000245A000.00000004.00001000.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/q |
| Source: SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1138830761.0000000002550000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe, 00000000.00000003.1370199338.0000000002343000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1141581852.0000000003360000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1365559029.00000000023AC000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1364769379.00000000035D6000.00000004.00001000.00020000.00000000.sdmp, SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp, 00000001.00000003.1366558728.0000000000828000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.steadymouse.com/troubleshooting/ |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: C:\Windows\SysWOW64\taskkill.exe |
WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "SteadyMouse.exe") |
| Source: unknown |
Process created: C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe "C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe" |
|
| Source: C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe |
Process created: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp "C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp" /SL5="$30324,2152528,535552,C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe" |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\System32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\System32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
|
| Source: C:\Windows\SysWOW64\taskkill.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\SteadyMouse\README.txt |
|
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe "C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe" |
|
| Source: C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe |
Process created: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp "C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp" /SL5="$30324,2152528,535552,C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe" |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\System32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\System32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\system32\taskkill.exe" /f /im SteadyMouse.exe |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\SteadyMouse\README.txt |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Process created: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe "C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe" |
Jump to behavior |
| Source: C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\Desktop\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: msimg32.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: textinputframework.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: coreuicomponents.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: textshaping.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: dwmapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: shfolder.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: rstrtmgr.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: ncrypt.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: ntasn1.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: propsys.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: edputil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: urlmon.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: iertutil.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: windows.staterepositoryps.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: appresolver.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: bcp47langs.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: slc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: sppc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: onecorecommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: onecoreuapcommonproxystub.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: msftedit.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: windows.globalization.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: bcp47mrm.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: globinputhost.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: windows.ui.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: windowmanagementapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: inputhost.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: twinapi.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: twinapi.appcore.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: explorerframe.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: sfc.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: sfc_os.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: linkinfo.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: ntshrui.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: cscapi.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: policymanager.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: msvcp110_win.dll |
Jump to behavior |
| Source: C:\Users\user\AppData\Local\Temp\is-03N37.tmp\SetupSteadyMouse1.3_ObsoleteFreeVersionRepackaged.tmp |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: version.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: framedynos.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: sspicli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: winsta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: amsi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: userenv.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\taskkill.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: mrmcorer.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: textshaping.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: efswrt.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: mpr.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: twinapi.appcore.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: oleacc.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: urlmon.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: iertutil.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: srvcli.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: netutils.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: propsys.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: policymanager.dll |
Jump to behavior |
| Source: C:\Windows\SysWOW64\notepad.exe |
Section loaded: msvcp110_win.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: apphelp.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mousehook.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: msvcr70.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: winmm.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70eng.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70enu.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70eng.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70enu.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: mfc70loc.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: wldp.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: profapi.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: textshaping.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Section loaded: wintypes.dll |
Jump to behavior |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016C52 _stat64,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016C52 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C009D87 malloc,FindClose,FindFirstFileW,FindNextFileW,FindClose, |
30_2_7C009D87 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015DA9 _wfindfirst,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C015DA9 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017E1B _wstati64,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017E1B |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015F6A _wfindfirst64,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C015F6A |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016F7D _stati64,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016F7D |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C009899 malloc,FindClose,FindFirstFileA,FindNextFileA,FindClose, |
30_2_7C009899 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C016901 _stat,_mbspbrk,_errno,__doserrno,_errno,__doserrno,_mbctolower,_getdrive,FindFirstFileA,_mbspbrk,_fullpath,strlen,GetDriveTypeA,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C016901 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C01592E _findfirst64,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C01592E |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017A60 _wstat64,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017A60 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015B43 _findfirsti64,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C015B43 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C015707 _findfirst,FindFirstFileA,GetLastError,_errno,_errno,_errno,strcpy, |
30_2_7C015707 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C017777 _wstat,wcspbrk,_errno,__doserrno,_errno,__doserrno,towlower,_getdrive,FindFirstFileW,wcspbrk,_wfullpath,wcslen,GetDriveTypeW,_errno,__doserrno,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FindClose,GetLastError,FindClose, |
30_2_7C017777 |
| Source: C:\Program Files (x86)\SteadyMouse\SteadyMouse.exe |
Code function: 30_2_7C01617F _wfindfirsti64,FindFirstFileW,GetLastError,_errno,_errno,_errno,wcscpy, |
30_2_7C01617F |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet