Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002EBC000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://concaribe.com |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002EBC000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://ftp.concaribe.com |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002E41000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2050716658.0000000003FD9000.00000004.00000800.00020000.00000000.sdmp, DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4513145018.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://account.dyn.com/ |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2050716658.0000000003FD9000.00000004.00000800.00020000.00000000.sdmp, DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002E41000.00000004.00000800.00020000.00000000.sdmp, DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4513145018.0000000000402000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002E41000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org/ |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4517263503.0000000002E41000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://api.ipify.org/t |
Source: DHL Shipping documents 0020398484995500.exe |
String found in binary or memory: https://github.com/dnSpy/dnSpy/wiki/Debugging-Unity-Games |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 0_2_0149E00C |
0_2_0149E00C |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FDA228 |
3_2_00FDA228 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FDE770 |
3_2_00FDE770 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FDAAB0 |
3_2_00FDAAB0 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FD4A58 |
3_2_00FD4A58 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FD3E40 |
3_2_00FD3E40 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_00FD4188 |
3_2_00FD4188 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A7A8B4 |
3_2_06A7A8B4 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A7A598 |
3_2_06A7A598 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A7BDF0 |
3_2_06A7BDF0 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A7DBF0 |
3_2_06A7DBF0 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A956A0 |
3_2_06A956A0 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A966C0 |
3_2_06A966C0 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A9C240 |
3_2_06A9C240 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A92380 |
3_2_06A92380 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A9B300 |
3_2_06A9B300 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A97E40 |
3_2_06A97E40 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A97760 |
3_2_06A97760 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A9E468 |
3_2_06A9E468 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A90040 |
3_2_06A90040 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A95DC8 |
3_2_06A95DC8 |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Code function: 3_2_06A90006 |
3_2_06A90006 |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2050716658.0000000003FD9000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameSoftwareGame.dll: vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2050716658.0000000003FD9000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameb6643012-12fd-45a5-9ab2-ac7e7ee5488b.exe4 vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2049391209.000000000116E000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameclr.dllT vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000002.2050654227.0000000002FD1000.00000004.00000800.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameb6643012-12fd-45a5-9ab2-ac7e7ee5488b.exe4 vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000000.00000000.2044424346.0000000000BB2000.00000002.00000001.01000000.00000003.sdmp |
Binary or memory string: OriginalFilenamepoiliu.exe. vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4513950685.0000000000EF8000.00000004.00000010.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameUNKNOWN_FILET vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe, 00000003.00000002.4513145018.000000000043E000.00000040.00000400.00020000.00000000.sdmp |
Binary or memory string: OriginalFilenameb6643012-12fd-45a5-9ab2-ac7e7ee5488b.exe4 vs DHL Shipping documents 0020398484995500.exe |
Source: DHL Shipping documents 0020398484995500.exe |
Binary or memory string: OriginalFilenamepoiliu.exe. vs DHL Shipping documents 0020398484995500.exe |
Source: 3.2.DHL Shipping documents 0020398484995500.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers |
Source: 3.2.DHL Shipping documents 0020398484995500.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_AgentTeslaV2 author = ditekSHen, description = AgenetTesla Type 2 Keylogger payload |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.405c9b0.1.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.405c9b0.1.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_AgentTeslaV2 author = ditekSHen, description = AgenetTesla Type 2 Keylogger payload |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.401af80.0.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.401af80.0.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_AgentTeslaV2 author = ditekSHen, description = AgenetTesla Type 2 Keylogger payload |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: mscoree.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: amsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: dwrite.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: mscoree.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: vcruntime140_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ucrtbase_clr0400.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: amsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rasapi32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rasman.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rtutils.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: winnsi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: secur32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: schannel.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: mskeyprotect.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ntasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ncrypt.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: ncryptsslp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: vaultcli.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Section loaded: wintypes.dll |
Jump to behavior |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.405c9b0.1.raw.unpack, Form1.cs |
High entropy of concatenated method names: 'oxycobaltammine', 'fringier', 'unchorded', 'wAhRr7CKv', 'Dispose', 'lVOGV1721', 'ULHqFVpPeqZbNsBNpV', 'TchE2TMnA4CKf52ZUf', 'f0mq9hQrUpsqOwSyGd', 'nTd0Zl0tx6BYOWEqZW' |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.405c9b0.1.raw.unpack, QJDLGErGwGLnDsDTGnUfx.cs |
High entropy of concatenated method names: 'pwiMsJJwOLAUrsrsiLrJk', 'vkJkyBAyMrJJZpZnJUUsB', 'pBDTEixOwwhDhOiywipLh', 'wZnEyxixGJZZTGvwQsrMDAvGiTwBJLT', 'erhT', 'aerhTteS46w', 'LvfQyBLvviAnvZJBUkfipTGCDTvQDxU', 'F6WFViyxW', 'TE3wDwuNS', 'MyGetProcAddressWrapper' |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.401af80.0.raw.unpack, Form1.cs |
High entropy of concatenated method names: 'oxycobaltammine', 'fringier', 'unchorded', 'wAhRr7CKv', 'Dispose', 'lVOGV1721', 'ULHqFVpPeqZbNsBNpV', 'TchE2TMnA4CKf52ZUf', 'f0mq9hQrUpsqOwSyGd', 'nTd0Zl0tx6BYOWEqZW' |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.401af80.0.raw.unpack, QJDLGErGwGLnDsDTGnUfx.cs |
High entropy of concatenated method names: 'pwiMsJJwOLAUrsrsiLrJk', 'vkJkyBAyMrJJZpZnJUUsB', 'pBDTEixOwwhDhOiywipLh', 'wZnEyxixGJZZTGvwQsrMDAvGiTwBJLT', 'erhT', 'aerhTteS46w', 'LvfQyBLvviAnvZJBUkfipTGCDTvQDxU', 'F6WFViyxW', 'TE3wDwuNS', 'MyGetProcAddressWrapper' |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.57d0000.2.raw.unpack, Form1.cs |
High entropy of concatenated method names: 'oxycobaltammine', 'fringier', 'unchorded', 'wAhRr7CKv', 'Dispose', 'lVOGV1721', 'ULHqFVpPeqZbNsBNpV', 'TchE2TMnA4CKf52ZUf', 'f0mq9hQrUpsqOwSyGd', 'nTd0Zl0tx6BYOWEqZW' |
Source: 0.2.DHL Shipping documents 0020398484995500.exe.57d0000.2.raw.unpack, QJDLGErGwGLnDsDTGnUfx.cs |
High entropy of concatenated method names: 'pwiMsJJwOLAUrsrsiLrJk', 'vkJkyBAyMrJJZpZnJUUsB', 'pBDTEixOwwhDhOiywipLh', 'wZnEyxixGJZZTGvwQsrMDAvGiTwBJLT', 'erhT', 'aerhTteS46w', 'LvfQyBLvviAnvZJBUkfipTGCDTvQDxU', 'F6WFViyxW', 'TE3wDwuNS', 'MyGetProcAddressWrapper' |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 600000 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599890 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599777 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599672 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599562 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599453 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599343 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599234 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599125 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599015 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598906 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598796 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598687 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598578 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598468 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598359 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598250 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598058 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597947 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597835 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597718 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597609 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597500 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597390 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597281 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597172 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597062 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596953 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596843 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596734 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596625 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596515 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596406 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596297 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596187 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596078 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595968 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595859 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595750 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595640 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595526 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595422 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595312 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595203 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595093 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594984 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594874 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594765 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594656 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594547 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594437 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep count: 36 > 30 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -33204139332677172s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -600000s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 940 |
Thread sleep count: 2108 > 30 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599890s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 940 |
Thread sleep count: 7747 > 30 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599777s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599672s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599562s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599453s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599343s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599234s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599125s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -599015s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598906s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598796s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598687s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598578s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598468s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598359s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598250s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -598058s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597947s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597835s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597718s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597609s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597500s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597390s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597281s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597172s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -597062s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596953s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596843s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596734s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596625s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596515s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596406s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596297s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596187s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -596078s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595968s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595859s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595750s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595640s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595526s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595422s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595312s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595203s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -595093s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594984s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594874s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594765s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594656s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594547s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe TID: 1088 |
Thread sleep time: -594437s >= -30000s |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 922337203685477 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 600000 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599890 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599777 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599672 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599562 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599453 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599343 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599234 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599125 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 599015 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598906 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598796 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598687 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598578 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598468 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598359 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598250 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 598058 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597947 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597835 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597718 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597609 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597500 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597390 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597281 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597172 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 597062 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596953 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596843 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596734 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596625 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596515 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596406 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596297 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596187 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 596078 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595968 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595859 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595750 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595640 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595526 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595422 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595312 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595203 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 595093 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594984 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594874 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594765 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594656 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594547 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Thread delayed: delay time: 594437 |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Jump to behavior |