Source: rufus-4.4.exe |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe |
Binary or memory string: %sautorun.inf |
Source: rufus-4.4.exe |
Binary or memory string: kera boot" t MSG_165 "Klik untuk memilih atau memuat turun imej..." t MSG_166 "Klik kotak ini untuk membenarkan paparan label antarabangsa dan menetapkan ikon cakera (akan membuat fail autorun.inf)" t MSG_167 "Memasang MBR yang membenarkan pilihan boot dan |
Source: rufus-4.4.exe |
Binary or memory string: [autorun] icon = autorun.ico label = %s |
Source: rufus-4.4.exe |
Binary or memory string: Check this box to allow the display of international labels and set a device icon (creates an autorun.inf) |
Source: rufus-4.4.exe |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe |
Binary or memory string: (autorun.inf )." t MSG_167 " BIOS USB |
Source: rufus-4.4.exe |
Binary or memory string: 164 "Method that will be used to make the drive bootable" t MSG_165 "Click to select or download an image..." t MSG_166 "Check this box to allow the display of international labels " "and set a device icon (creates an autorun.inf)" t MSG_167 "Install an M |
Source: rufus-4.4.exe |
Binary or memory string: t MSG_166 "Centang kotak ini untuk menampilkan label internasional dan menyetel ikon perangkat (membuat autorun.inf)" t MSG_167 "Menginstal MBR memungkinkan untuk boot dan dapat memanipulasi ID perangkat USB di BIOS" t MSG_168 "Mencoba menyamarkan perangka |
Source: rufus-4.4.exe |
Binary or memory string: stellen (maakt een autorun.inf aan)" t MSG_167 "Installeert een MBR die een opstartselectie toestaat en de BIOS USB-drive ID kan verbergen" t MSG_168 "Probeert de eerste opstartbare USB drive (gewoonlijk 0x80) voor te laten doen als een andere schijf.\nDit |
Source: rufus-4.4.exe |
Binary or memory string: ( autorun.inf)" t MSG_167 " Rufus MBR BIOS USB ID" t |
Source: rufus-4.4.exe |
Binary or memory string: Ignoring 'autorun.inf' label for drive %c: No media |
Source: rufus-4.4.exe |
Binary or memory string: Using 'autorun.inf' label for drive %c: '%s' |
Source: rufus-4.4.exe |
Binary or memory string: [autorun]icon = autorun.icolabel = %s |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: "and set a device icon (creates an autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: t MSG_166 "Potvrdite ovo da dozvolite prikaz internacionalnih oznaka i napravite ikonu (stvara autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: m souboru autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: lg denne mulighed for at tillade visning af internationale etiketter og skabe et enheds-ikon (opretter en autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: t MSG_166 "Aanvinken om weergave van internationale labels toe te laten en een apparaat-pictogram in te stellen (maakt een autorun.inf aan)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: misen ja asettaaksesi laitekuvakkeen (luo autorun.inf-tiedoston)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: e un fichier autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: tesymbol zu erzeugen (autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: hoz (egy autorun.inf f |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: t MSG_166 "Centang kotak ini untuk menampilkan label internasional dan menyetel ikon perangkat (membuat autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: un file autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: (autorun.inf |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: ces ikonas izveidei (tiek izveidots fails autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: (sukuria autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: t MSG_166 "Klik kotak ini untuk membenarkan paparan label antarabangsa dan menetapkan ikon cakera (akan membuat fail autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: tillate visning av internasjonal merkelapp og lage et stasjonsikon (lager en autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: autorun.inf" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: dzenia (tworzy plik autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: cone para a unidade (cria um arquivo autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: cone para a unidade (cria um ficheiro autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: ier autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: uje autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: boru autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: iti prikaz \"mednarodnih\" oznak nosilca in nastaviti ikono za napravo (to ustvari datoteko autorun.inf)." |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: n para permitir que se muestren caracteres internacionales y establecer un icono para la unidad (crea un archivo autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: tta en enhetsikon (en autorun.inf skapas)" |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: t simgesini belirleyin (autorun.inf olu |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: o autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68343560865.0000026DEC0C5000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Check this box to allow the display of international labels and set a device icon (creates an autorun.inf) |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Ignoring 'autorun.inf' label for drive %c: No media |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Using 'autorun.inf' label for drive %c: '%s' |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Unable to load '%S.dll': %sNtQueryVolumeInformationFileGetLogicalDriveStrings failed: %sGetLogicalDriveStrings: Buffer too small (required %lu vs. %zu)\\.\%c:Warning: Time-out while trying to query drive %cFailed to get a drive letterNo drive letter was assigned...ABORTED: Cannot use an image that is located on the target drive!Failed to delete mountpoint %s: %sNO_LABELlabelIgnoring 'autorun.inf' label for drive %c: No mediaUsing 'autorun.inf' label for drive %c: '%s'%s does not have a Boot Marker%s has a %s Master Boot Record%s has an unknown Master Boot RecordPartition Boot RecordVolume does not have an x86 %sDrive has a %s %sVolume has an unknown FAT16 or FAT32 %sVolume has an unknown %sCould not get layout for drive 0x%02x: %s(Unrecognized)UDFISO9660APFSHFS/HFS+extext2ext3ext4CD001NXSBBEA01exFATNTFSReFSFATFAT12FAT16FAT32Could not unmount drive: %sCould not mount %s as %c:%s was successfully mounted as %c:%s is already mounted, but volume GUID could not be checked: %s%s is mounted, but volume GUID doesn't match: |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: %sautorun.inf |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: ?iconUnable to create icon '%s': %s.Could not write icon header: %s.Could not write ICONDIRENTRY[%d]: %s.Could not write ICONDIRENTRY[%d] offset: %s.Could not write icon data #%d: %s.Created: %s%sautorun.infr%s already exists - keeping itw, ccs=UTF-16LEUnable to create %sNOTE: This may be caused by a poorly designed security solution. See https://goo.gl/QTobxX.; Created by %s |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: [autorun] |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: autorun.inf |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Error allocating file name%s%s/%sRufus%s/syslinux-%s/%s Replaced with local version %s Could not replace file: %s File name sanitized to '%s' Unable to create file: %sautorun.inf NOTE: This is usually caused by a poorly designed security solution. See https://bit.ly/40qDtyF. |
Source: rufus-4.4.exe, 0000000B.00000002.68343762638.0000026DEDBDF000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Check this box to allow the display of international labels and set a device icon (creates an autorun.inf)Y*V |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED3EA000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Check this box to allow the display of international labels and set a device icon (creates an autorun.inf) |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED3EA000.00000040.00000001.01000000.00000006.sdmp |
Binary or memory string: Download ISO Image use the "slow" format methodMethod that will be used to make the drive bootableClick to select or download an image...Check this box to allow the display of international labels and set a device icon (creates an autorun.inf)Install an MBR that allows boot selection and can masquerade the BIOS USB drive IDTry to masquerade first bootable USB drive (usually 0x80) as a different disk. |
Source: RufA552.tmp.11.dr |
Binary or memory string: "and set a device icon (creates an autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: t MSG_166 "Potvrdite ovo da dozvolite prikaz internacionalnih oznaka i napravite ikonu (stvara autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: m souboru autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: lg denne mulighed for at tillade visning af internationale etiketter og skabe et enheds-ikon (opretter en autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: t MSG_166 "Aanvinken om weergave van internationale labels toe te laten en een apparaat-pictogram in te stellen (maakt een autorun.inf aan)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: misen ja asettaaksesi laitekuvakkeen (luo autorun.inf-tiedoston)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: e un fichier autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: tesymbol zu erzeugen (autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: hoz (egy autorun.inf f |
Source: RufA552.tmp.11.dr |
Binary or memory string: t MSG_166 "Centang kotak ini untuk menampilkan label internasional dan menyetel ikon perangkat (membuat autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: un file autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: autorun.inf |
Source: RufA552.tmp.11.dr |
Binary or memory string: (autorun.inf |
Source: RufA552.tmp.11.dr |
Binary or memory string: ces ikonas izveidei (tiek izveidots fails autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: (sukuria autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: t MSG_166 "Klik kotak ini untuk membenarkan paparan label antarabangsa dan menetapkan ikon cakera (akan membuat fail autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: tillate visning av internasjonal merkelapp og lage et stasjonsikon (lager en autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: autorun.inf" |
Source: RufA552.tmp.11.dr |
Binary or memory string: dzenia (tworzy plik autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: cone para a unidade (cria um arquivo autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: cone para a unidade (cria um ficheiro autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: ier autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: uje autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: boru autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: iti prikaz \"mednarodnih\" oznak nosilca in nastaviti ikono za napravo (to ustvari datoteko autorun.inf)." |
Source: RufA552.tmp.11.dr |
Binary or memory string: n para permitir que se muestren caracteres internacionales y establecer un icono para la unidad (crea un archivo autorun.inf)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: tta en enhetsikon (en autorun.inf skapas)" |
Source: RufA552.tmp.11.dr |
Binary or memory string: autorun.inf |
Source: RufA552.tmp.11.dr |
Binary or memory string: t simgesini belirleyin (autorun.inf olu |
Source: RufA552.tmp.11.dr |
Binary or memory string: o autorun.inf)" |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0# |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0# |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: http://e2fsprogs.sourceforge.net/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: http://freedos.sourceforge.net/freecom |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: http://fsf.org/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp, RufA552.tmp.11.dr |
String found in binary or memory: http://halamix2.pl |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: http://ms-sys.sourceforge.net/ |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ocsp.comodoca.com0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ocsp.sectigo.com0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ocsp.sectigo.com0$ |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://s.symcb.com/universal-root.crl0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://s.symcd.com06 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0( |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: http://ts-ocsp.ws.symantec.com0; |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: http://www.ridgecrop.demon.co.uk/index.htm?fat32format.htm |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://7-zip.org/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://7-zip.org/openESPWarning: |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://axialis.com/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://bit.ly/40qDtyF. |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://d.symcb.com/cps0% |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://d.symcb.com/rpa0 |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://d.symcb.com/rpa0. |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://gist.github.com/mattifestation/92e545bf1ee5b68eeb71d254cec2f78e |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp, RufA552.tmp.11.dr |
String found in binary or memory: https://github.com/Chocobo1 |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp, RufA552.tmp.11.dr |
String found in binary or memory: https://github.com/SiderealArt |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/chenall/grub4dos |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED40A000.00000040.00000001.01000000.00000006.sdmp, RufA552.tmp.11.dr |
String found in binary or memory: https://github.com/cupofocha |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/kokke/tiny-regex-c |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/libtom/libtomcrypt |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/Fido |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/bled |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/rufus/blob/master/res/loc/ChangeLog.txt |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/rufus/issues |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/rufus/wiki/FAQ#bsods-with-windows-to-go-drives-created-from-windows-10-18 |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED5DD000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/pbatard/uefi-ntfs. |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/u-boot/u-boot |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://github.com/weidai11/cryptopp/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://goo.gl/QTobxX. |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://goo.gl/QTobxX.; |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://kolibrios.org/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://rufus.ie |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED5DD000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie). |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/CheckForBetashttps://rufus.ieUsing |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/Fido.ver |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/Fido.verz1https://github.com/pbatard/FidoWARNING: |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/files |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ie/files%s/%s-%s/%sGrub2%s |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ieRufusRunning |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://rufus.ieopen321Failed |
Source: rufus-4.4.exe, 0000000B.00000002.68342609287.0000026DEBE97000.00000004.00000020.00020000.00000000.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://sectigo.com/CPS0 |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://sourceforge.net/projects/smartmontools |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://svn.reactos.org/reactos/trunk |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://svn.reactos.org/reactos/trunk/reactos/dll/win32/fmifs |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://syslinux.org/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://systeminformer.sourceforge.io/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://tortoisegit.org/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://tortoisesvn.net/ |
Source: rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED5B4000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://un.akeo.ie |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://winscp.net/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.busybox.net/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.codeguru.com/forum/showthread.php?p=1951973 |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.freedos.org/ |
Source: rufus-4.4.exe, 0000000B.00000002.68346458769.00007FF6ED6B4000.00000004.00000001.01000000.00000006.sdmp, rufus-4.4.exe, 0000000B.00000000.68277865502.00007FF6ED6B4000.00000008.00000001.01000000.00000006.sdmp, Unconfirmed 379648.crdownload.0.dr |
String found in binary or memory: https://www.gnu.org/licenses/gpl-3.0.htmlD |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.gnu.org/software/fdisk |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.gnu.org/software/grub |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.gnu.org/software/libcdio |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.gnu.org/software/wget |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.gnupg.org/ |
Source: rufus-4.4.exe, rufus-4.4.exe, 0000000B.00000002.68344712855.00007FF6ED2E1000.00000040.00000001.01000000.00000006.sdmp |
String found in binary or memory: https://www.reactos.org/ |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E309E |
11_2_00007FF6ED2E309E |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E2B39 |
11_2_00007FF6ED2E2B39 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E7E71 |
11_2_00007FF6ED2E7E71 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E266D |
11_2_00007FF6ED2E266D |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2ED664 |
11_2_00007FF6ED2ED664 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2FC662 |
11_2_00007FF6ED2FC662 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED32770E |
11_2_00007FF6ED32770E |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2EBF05 |
11_2_00007FF6ED2EBF05 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E6D50 |
11_2_00007FF6ED2E6D50 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED325DE4 |
11_2_00007FF6ED325DE4 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED329DEC |
11_2_00007FF6ED329DEC |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED328092 |
11_2_00007FF6ED328092 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2EA055 |
11_2_00007FF6ED2EA055 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2FC041 |
11_2_00007FF6ED2FC041 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED3040AC |
11_2_00007FF6ED3040AC |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2F88A0 |
11_2_00007FF6ED2F88A0 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2EB09D |
11_2_00007FF6ED2EB09D |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED3250DA |
11_2_00007FF6ED3250DA |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E98FE |
11_2_00007FF6ED2E98FE |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED3278EC |
11_2_00007FF6ED3278EC |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E7748 |
11_2_00007FF6ED2E7748 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2FB828 |
11_2_00007FF6ED2FB828 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED3FB7C8 |
11_2_00007FF6ED3FB7C8 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E1A5D |
11_2_00007FF6ED2E1A5D |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED32B17D |
11_2_00007FF6ED32B17D |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2EA96E |
11_2_00007FF6ED2EA96E |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E397C |
11_2_00007FF6ED2E397C |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED317223 |
11_2_00007FF6ED317223 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED347235 |
11_2_00007FF6ED347235 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2E9230 |
11_2_00007FF6ED2E9230 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED303CE5 |
11_2_00007FF6ED303CE5 |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED3034FB |
11_2_00007FF6ED3034FB |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Code function: 11_2_00007FF6ED2FBB98 |
11_2_00007FF6ED2FBB98 |
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 /prefetch:8 |
|
Source: unknown |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://therufus.org/download.php" |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3444 /prefetch:8 |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2948 /prefetch:8 |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6924 /prefetch:8 |
|
Source: unknown |
Process created: C:\Users\user\Downloads\rufus-4.4.exe "C:\Users\user\Downloads\rufus-4.4.exe" |
|
Source: unknown |
Process created: C:\Windows\System32\vdsldr.exe C:\Windows\System32\vdsldr.exe -Embedding |
|
Source: unknown |
Process created: C:\Windows\System32\vds.exe C:\Windows\System32\vds.exe |
|
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3444 /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2948 /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://therufus.org/download.php" |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1676,4732492817931774946,1826627398002605485,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6924 /prefetch:8 |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
Process created: unknown unknown |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: vds_ps.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: riched20.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: usp10.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: msls31.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: gpedit.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: activeds.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: dssec.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: dsuiext.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: framedynos.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: adsldpc.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: dsrole.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: logoncli.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: authz.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: ntdsapi.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: textinputframework.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: coreuicomponents.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: coremessaging.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: textshaping.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: iconcodecservice.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: oleacc.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: explorerframe.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: devobj.dll |
Jump to behavior |
Source: C:\Users\user\Downloads\rufus-4.4.exe |
Section loaded: wininet.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: atl.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: vdsutil.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: bcd.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\System32\vdsldr.exe |
Section loaded: vds_ps.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: atl.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: osuninst.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: vdsutil.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: atl.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: bcd.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: edgegdi.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: uexfat.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: ulib.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: ifsutil.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: devobj.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: uudf.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: untfs.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: ufat.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: fmifs.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\System32\vds.exe |
Section loaded: vds_ps.dll |
Jump to behavior |