Windows Analysis Report
cmxX3lu85W.exe

Overview

General Information

Sample name:cmxX3lu85W.exe
Analysis ID:1584585
MD5:4f481037138109f314141b4fede21f87
SHA1:e28504f330d3d8586d36e3ff270fdfc0821e0cc2
SHA256:f65d5f51c5b69891d73c3799b4ed4d53fea665a6ef5b3d0cce8cae1e96c0e785

Detection

DBatLoader
Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found detection on Joe Sandbox Cloud Basic
Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected DBatLoader
Allocates many large memory junks
C2 URLs / IPs found in malware configuration
Machine Learning detection for sample
Checks if the current process is being debugged
Tries to resolve domain names, but no domain seems valid (expired dropper behavior)
Uses 32bit PE files

Classification

  • System is w10x64native
  • cmxX3lu85W.exe (PID: 5564 cmdline: "C:\Users\user\Desktop\cmxX3lu85W.exe" MD5: 4F481037138109F314141B4FEDE21F87)
  • cleanup
{"Download Url": ["https://fodoknotel.za.com/233_Pumyophnrer"]}
Source | Rule | Description | Author | Strings
00000000.00000003.34567853340.000000007FCD0000.00000004.00001000.00020000.00000000.sdmp | JoeSecurity_DBatLoader | Yara detected DBatLoader | Joe Security |
00000000.00000002.39641984705.0000000002586000.00000004.00001000.00020000.00000000.sdmp | JoeSecurity_DBatLoader | Yara detected DBatLoader | Joe Security |
      No Sigma rule has matched
      No Suricata rule has matched

      AV Detection

      Source: cmxX3lu85W.exe, Malware Configuration Extractor: DBatLoader {"Download Url": ["https://fodoknotel.za.com/233_Pumyophnrer"]}
      Source: cmxX3lu85W.exe, ReversingLabs: Detection: 78%
      Source: cmxX3lu85W.exe, Joe Sandbox ML: detected
      Source: cmxX3lu85W.exe, Static PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI

      Networking

      Source: Malware configuration extractor, URLs: https://fodoknotel.za.com/233_Pumyophnrer
      Source: unknown, DNS traffic detected: query: fodoknotel.za.com replaycode: Server failure (2)
      Source: unknown, UDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknown, UDP traffic detected without corresponding DNS query: 9.9.9.9
      Source: global traffic, DNS traffic detected: DNS query: fodoknotel.za.com
      Source: cmxX3lu85W.exe, 00000000.00000002.39649504951.0000000020D5D000.00000004.00001000.00020000.00000000.sdmp, String found in binary or memory: https://fodoknotel.za.com/233_Pumyophnre
      Source: cmxX3lu85W.exe, 00000000.00000002.39649504951.0000000020D73000.00000004.00001000.00020000.00000000.sdmp, String found in binary or memory: https://fodoknotel.za.com/233_Pumyophnrer

      System Summary

      Source: cmxX3lu85W.exe, Joe Sandbox Cloud Basic: Detection: malicious Score: 100 Threat Name: DBatLoader, PureLog Stealer, Snake Keylo Analyzer: w10x64
      Source: cmxX3lu85W.exe, Static PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
      Source: cmxX3lu85W.exe, Binary or memory string: oW.Sln
      Source: classification engine, Classification label: mal76.troj.evad.winEXE@1/0@100/0
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
      Source: cmxX3lu85W.exe, ReversingLabs: Detection: 78%
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, File read: C:\Users\user\Desktop\cmxX3lu85W.exe
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: apphelp.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: version.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: edgegdi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: uxtheme.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: url.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: ieframe.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: iertutil.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: netapi32.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: userenv.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: winhttp.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: wkscli.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: netutils.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: amsi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: smartscreenps.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: kernel.appcore.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: winmm.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: wininet.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: sspicli.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: windows.storage.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: wldp.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: profapi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: ondemandconnroutehelper.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: mswsock.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: ieproxy.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: iphlpapi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: winnsi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: msasn1.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: mssip32.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: dnsapi.dll
      Source: C:\Users\user\Desktop\cmxX3lu85W.exe, Section loaded: rasadhlp.dll