| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074E0040 | 0_2_074E0040 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074EE67A | 0_2_074EE67A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074E0006 | 0_2_074E0006 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074EEEE0 | 0_2_074EEEE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074EEEF0 | 0_2_074EEEF0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074EEAA8 | 0_2_074EEAA8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 0_2_074EEAB8 | 0_2_074EEAB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012D6108 | 1_2_012D6108 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DC190 | 1_2_012DC190 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DF007 | 1_2_012DF007 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DC470 | 1_2_012DC470 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DB4A0 | 1_2_012DB4A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012D6730 | 1_2_012D6730 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DC751 | 1_2_012DC751 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012D9858 | 1_2_012D9858 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DBBD3 | 1_2_012DBBD3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DCA31 | 1_2_012DCA31 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012D4AD9 | 1_2_012D4AD9 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DBEB0 | 1_2_012DBEB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DE528 | 1_2_012DE528 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DE517 | 1_2_012DE517 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012D3570 | 1_2_012D3570 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_012DB4F3 | 1_2_012DB4F3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BC9D8 | 1_2_058BC9D8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BBD38 | 1_2_058BBD38 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BB0A0 | 1_2_058BB0A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BA408 | 1_2_058BA408 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BD028 | 1_2_058BD028 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BC388 | 1_2_058BC388 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B8B58 | 1_2_058B8B58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BB6E8 | 1_2_058BB6E8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B8608 | 1_2_058B8608 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BAA58 | 1_2_058BAA58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BD670 | 1_2_058BD670 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B518A | 1_2_058B518A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5198 | 1_2_058B5198 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B1191 | 1_2_058B1191 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B11A0 | 1_2_058B11A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B81A0 | 1_2_058B81A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B81B0 | 1_2_058B81B0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BC9C8 | 1_2_058BC9C8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B85FC | 1_2_058B85FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7900 | 1_2_058B7900 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BBD28 | 1_2_058BBD28 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0D39 | 1_2_058B0D39 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0D48 | 1_2_058B0D48 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7D48 | 1_2_058B7D48 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7D58 | 1_2_058B7D58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0488 | 1_2_058B0488 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BB08F | 1_2_058BB08F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0498 | 1_2_058B0498 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7497 | 1_2_058B7497 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B74A8 | 1_2_058B74A8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B28B0 | 1_2_058B28B0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B08E0 | 1_2_058B08E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B08F0 | 1_2_058B08F0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B78F0 | 1_2_058B78F0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B2809 | 1_2_058B2809 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B2807 | 1_2_058B2807 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0006 | 1_2_058B0006 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BD018 | 1_2_058BD018 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B4430 | 1_2_058B4430 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B0040 | 1_2_058B0040 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7040 | 1_2_058B7040 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B7050 | 1_2_058B7050 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B33A8 | 1_2_058B33A8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B33B8 | 1_2_058B33B8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B6BC1 | 1_2_058B6BC1 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B6BD0 | 1_2_058B6BD0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BA3F8 | 1_2_058BA3F8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B6312 | 1_2_058B6312 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B6320 | 1_2_058B6320 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B3730 | 1_2_058B3730 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B676A | 1_2_058B676A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B6778 | 1_2_058B6778 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BC378 | 1_2_058BC378 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B8B76 | 1_2_058B8B76 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5EB8 | 1_2_058B5EB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5EC8 | 1_2_058B5EC8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BB6D9 | 1_2_058BB6D9 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B560A | 1_2_058B560A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5618 | 1_2_058B5618 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BAA48 | 1_2_058BAA48 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058BD663 | 1_2_058BD663 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5A60 | 1_2_058B5A60 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Code function: 1_2_058B5A70 | 1_2_058B5A70 |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.unpack, type: UNPACKEDPE | Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.unpack, type: UNPACKEDPE | Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 1.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 1.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 1.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 1.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.unpack, type: UNPACKEDPE | Matched rule: MAL_Envrial_Jan18_1 date = 2018-01-21, hash2 = 9edd8f0e22340ecc45c5f09e449aa85d196f3f506ff3f44275367df924b95c5d, hash1 = 9ae3aa2c61f7895ba6b1a3f85fbe36c8697287dc7477c5a03d32cf994fdbce85, author = Florian Roth, description = Detects Encrial credential stealer malware, reference = https://twitter.com/malwrhunterteam/status/953313514629853184, license = https://creativecommons.org/licenses/by-nc/4.0/ |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.unpack, type: UNPACKEDPE | Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.raw.unpack, type: UNPACKEDPE | Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3682330.3.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.raw.unpack, type: UNPACKEDPE | Matched rule: INDICATOR_SUSPICIOUS_EXE_DotNetProcHook author = ditekSHen, description = Detects executables with potential process hoocking |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.3661910.2.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 00000001.00000002.3600280033.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 00000001.00000002.3600280033.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 00000000.00000002.1162231043.0000000003661000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: 00000000.00000002.1162231043.0000000003661000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: Process Memory Space: SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe PID: 7784, type: MEMORYSTR | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: Process Memory Space: SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe PID: 7784, type: MEMORYSTR | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: Process Memory Space: SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe PID: 7876, type: MEMORYSTR | Matched rule: Windows_Trojan_SnakeKeylogger_af3faa65 os = windows, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.SnakeKeylogger, fingerprint = 15f4ef2a03c6f5c6284ea6a9013007e4ea7dc90a1ba9c81a53a1c7407d85890d, id = af3faa65-b19d-4267-ac02-1a3b50cdc700, last_modified = 2021-08-23 |
| Source: Process Memory Space: SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe PID: 7876, type: MEMORYSTR | Matched rule: MALWARE_Win_SnakeKeylogger author = ditekSHen, description = Detects Snake Keylogger, clamav_sig = MALWARE.Win.Trojan.SnakeKeylogger |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, e1U4VQQ7acWEeuQfEj.cs | High entropy of concatenated method names: 'P01NmeoquZ', 'i1nNMD6Ovn', 'kORNYlrGYK', 'JZ3NDPkxSp', 'CkENygnak1', 'wZkNwcWP9b', 'S8jNIpuT5I', 'aKVNKrAusD', 'lRENTcOcr5', 'SjcNAWUPPD' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, XRQd6OjQcOl3TObGqN.cs | High entropy of concatenated method names: 'Dispose', 'HtVricdUSD', 'tCS6eqrvMM', 'hrlxuMKsXS', 'HhMrfMeWCM', 'Tncrz4itbP', 'ProcessDialogKey', 'pJJ6krZHNF', 'p5J6rXA7KJ', 'UEd66gr4s1' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, S4qbZtrrTqTlb9PaCuT.cs | High entropy of concatenated method names: 'njcqfbZ7Em', 'CNsqzMYxjg', 'BxaokwbM4y', 'BiZorm1TP9', 'zIVo6bOeAl', 'K27oBmCbwU', 'xK1oxSBop8', 'AFDoWK7kAj', 'faBo1suI5P', 'e83ojs1MnN' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, EyJk559tnEhMxIsMfN.cs | High entropy of concatenated method names: 'TxgBWe327M', 'KZoB1lQ4YC', 'o0LBjKdVrD', 'lg6BG22Sn1', 'QqpB5lIErM', 'd03BVPhGtJ', 'tp8BNVS6gC', 'Y1eB9BnVIG', 'HsCBphMh6G', 'ffNB8pQ2IB' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, bCWvHbG4CeRvKZSRlV.cs | High entropy of concatenated method names: 'EditValue', 'GetEditStyle', 'bMt6ieSYgm', 'y8M6fhjTd0', 'BWM6zT6Vk5', 'sMaBklI35k', 'WbxBrOJ0d0', 'QvZB6A4DE8', 'MZgBBM4QkB', 'pbKxfvXjmcVfu6XPtJV' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, RocnB2u6C8dIpdLghk.cs | High entropy of concatenated method names: 'jdCVWOkECE', 'BtUVjX1oJy', 'xmJV5SnXlt', 'jkCVNCVXcU', 'QnxV93VOQ9', 'JrF5RlJOET', 'uDM5nRBPwI', 'FUc5C67aHe', 'IHo5ZsIwDf', 'nmn5iuQYWQ' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, z7HkQISSUc8fxlNT0x.cs | High entropy of concatenated method names: 'FnDs8axPlF', 'U4ZslSRcgX', 'ToString', 'FE4s1dlYeU', 'gbUsj6RmVQ', 'ssWsGe8a5X', 'hOls5MFQhb', 'yZFsVPykcr', 'zaUsNYkTT3', 'i43s9D8jir' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, w3ZuvYCFmLtVcdUSDL.cs | High entropy of concatenated method names: 'ACO2F3wZB8', 'uXT2sFDswQ', 'WIf22Pdvw7', 'C0b2omCkqv', 'nrl2dJdGMG', 'QPK2HA3JA9', 'Dispose', 'SooJ1t1jT0', 'jwvJjxHgsg', 'pIlJGIXytF' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, pr4s13fQXspK0cwc1I.cs | High entropy of concatenated method names: 't39qGFMsFp', 'kjjq5Y7Pvp', 'yPBqVWqLyg', 'kkKqNDZdqV', 'rfmq2p7QQ7', 'Yuoq9SIi5d', 'Next', 'Next', 'Next', 'NextBytes' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, qrZHNFig5JXA7KJREd.cs | High entropy of concatenated method names: 'WKn2ulCoZK', 'SSI2eHgmRL', 'Usx2L0OiOk', 'U5h20bYHGf', 'WBR23Ln1M3', 'QN22Ocxq2i', 'eOT2EU9xAm', 'KkU2UrjOsA', 'I8X2QVA5f9', 'RA52XVhgyO' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, fcADGoPOgv7XtLc1lr.cs | High entropy of concatenated method names: 'ToString', 'U8Hgctc4oH', 'NfygeaN4Nh', 'OTtgLhBlAg', 'TZJg0aJ6qm', 'Lo1g3RRTrS', 'a4DgOwbd3y', 'zC5gEjSMvK', 's30gUsIQx0', 'cpTgQUaKWY' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, fUtiR375gvAFZ0s7oX.cs | High entropy of concatenated method names: 'lLm4KWvhAf', 'RpQ4TBIqA8', 'BcB4ucjpC1', 'ac54eoWPGQ', 'URZ403OIR4', 'lUP43wQvFn', 'J224E3341q', 'epI4UexKy9', 'TD14Xi7FpI', 'ad64coTohs' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, OyoJ5qrk9TMoyInOpOI.cs | High entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'eOuqcWIdd2', 'M6OqaUpIyw', 'gW2q7KaoRt', 'Ygkqh7OiCY', 'A3Iqt69qqI', 'FHEqPoCqF7', 'fBVqSGWpKj' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, gHNKGQTwPXojjZtPg1.cs | High entropy of concatenated method names: 'iVPGDq6Ho4', 'WsyGwrFVO6', 'seMGK8o6y7', 'x0XGTrhy82', 'qChGF1HbYd', 'R3sGg9gE16', 'iyjGsaGrky', 'dZJGJ8TDX6', 'EFOG2PFJwx', 'ociGq5dQV5' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, PeRObGEbsmxBxW0AqV.cs | High entropy of concatenated method names: 'OyNN1hCBL7', 'oCtNGF2Rsj', 'E2nNVJ1C5R', 'xuNVfQaP1J', 'UAqVzy0JNT', 'AImNkodmDF', 'Id6NrHa1El', 'vMjN6VjuI5', 'rsMNBAe4fK', 'dD3NxisHBu' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, boxq7on20nxSOc1pYB.cs | High entropy of concatenated method names: 'H3CsZrRSMF', 'VCxsfQpu9q', 'qs2JkArA25', 'vA0Jrv1Zfy', 'y4FscRI5jE', 'aiKsah08gf', 'b5ss7wCspt', 'Djrshn4TLU', 'lcystgJCaq', 'rOisPISEp9' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, KRNngrUKXnqM1Klq8d.cs | High entropy of concatenated method names: 'ISKNsxDoCT', 'ac7N2mgoRl', 'CBDNgK5fav', 'rRWykrMJPYhfE8satsL', 'FMLjQoMy0JdH9im2peK', 'dEXOhoMFvwr1TcUqkry' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, xjuciJKCOIPdtRI75L.cs | High entropy of concatenated method names: 'MIJjhEMlKS', 'q7JjtkhU2H', 'z1sjPVLVwm', 'wMbjScV40B', 'CydjRdZaEv', 'psJjnVSTAS', 'KLwjCorqUj', 'HAyjZ44REx', 'PONjiVZ4AM', 'NMPjfAQhiJ' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, AK3Fh9AHBPMI9DMtJn.cs | High entropy of concatenated method names: 'Cgw5yG8Cx1', 'fAb5Ix9UGQ', 'g0sGLiOB4k', 'HksG0S5e8C', 'cjsG3Sjs6m', 'wZUGO1br3M', 'VxGGEr3edb', 'tfLGUuBq2c', 'V1oGQfidFf', 'z2tGXCF21p' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, RJaaji63qW95FhffxD.cs | High entropy of concatenated method names: 'UtfYCr8Jg', 'NmXDCDgSl', 'xQ8wsEZZG', 'XXCIdZh8l', 'uBMTBtUjl', 'uScA09hCe', 'JjVgk2P0gqd9OpBDvg', 'XmhkRtKjHEa5suBvZ8', 'h7gJnQ2at', 'XaNqPEXWp' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, RWedmCzgLalRtVO9k4.cs | High entropy of concatenated method names: 'JC1qwAnUkA', 'ILcqKMcmyJ', 'mxYqTuHZUT', 'JFlqu3cr0Q', 'Nt8qe2Xckw', 'OgBq0VwgLm', 'fhGq3j9lOw', 'beCqHdMT0h', 'ajyqmmcjgC', 'DjGqM4K5wj' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.379a448.5.raw.unpack, OtiHIKxaCIp5HFqLh8.cs | High entropy of concatenated method names: 'hwHrNjuciJ', 'VOIr9PdtRI', 'MwPr8XojjZ', 'RPgrl1yK3F', 'AMtrFJntoc', 'VB2rg6C8dI', 'EuPjhV7P38V1pB5C9S', 'BvgqOuvOAmwReNjbu0', 'xxarrJmvnM', 'dH8rBYVCZl' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, e1U4VQQ7acWEeuQfEj.cs | High entropy of concatenated method names: 'P01NmeoquZ', 'i1nNMD6Ovn', 'kORNYlrGYK', 'JZ3NDPkxSp', 'CkENygnak1', 'wZkNwcWP9b', 'S8jNIpuT5I', 'aKVNKrAusD', 'lRENTcOcr5', 'SjcNAWUPPD' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, XRQd6OjQcOl3TObGqN.cs | High entropy of concatenated method names: 'Dispose', 'HtVricdUSD', 'tCS6eqrvMM', 'hrlxuMKsXS', 'HhMrfMeWCM', 'Tncrz4itbP', 'ProcessDialogKey', 'pJJ6krZHNF', 'p5J6rXA7KJ', 'UEd66gr4s1' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, S4qbZtrrTqTlb9PaCuT.cs | High entropy of concatenated method names: 'njcqfbZ7Em', 'CNsqzMYxjg', 'BxaokwbM4y', 'BiZorm1TP9', 'zIVo6bOeAl', 'K27oBmCbwU', 'xK1oxSBop8', 'AFDoWK7kAj', 'faBo1suI5P', 'e83ojs1MnN' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, EyJk559tnEhMxIsMfN.cs | High entropy of concatenated method names: 'TxgBWe327M', 'KZoB1lQ4YC', 'o0LBjKdVrD', 'lg6BG22Sn1', 'QqpB5lIErM', 'd03BVPhGtJ', 'tp8BNVS6gC', 'Y1eB9BnVIG', 'HsCBphMh6G', 'ffNB8pQ2IB' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, bCWvHbG4CeRvKZSRlV.cs | High entropy of concatenated method names: 'EditValue', 'GetEditStyle', 'bMt6ieSYgm', 'y8M6fhjTd0', 'BWM6zT6Vk5', 'sMaBklI35k', 'WbxBrOJ0d0', 'QvZB6A4DE8', 'MZgBBM4QkB', 'pbKxfvXjmcVfu6XPtJV' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, RocnB2u6C8dIpdLghk.cs | High entropy of concatenated method names: 'jdCVWOkECE', 'BtUVjX1oJy', 'xmJV5SnXlt', 'jkCVNCVXcU', 'QnxV93VOQ9', 'JrF5RlJOET', 'uDM5nRBPwI', 'FUc5C67aHe', 'IHo5ZsIwDf', 'nmn5iuQYWQ' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, z7HkQISSUc8fxlNT0x.cs | High entropy of concatenated method names: 'FnDs8axPlF', 'U4ZslSRcgX', 'ToString', 'FE4s1dlYeU', 'gbUsj6RmVQ', 'ssWsGe8a5X', 'hOls5MFQhb', 'yZFsVPykcr', 'zaUsNYkTT3', 'i43s9D8jir' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, w3ZuvYCFmLtVcdUSDL.cs | High entropy of concatenated method names: 'ACO2F3wZB8', 'uXT2sFDswQ', 'WIf22Pdvw7', 'C0b2omCkqv', 'nrl2dJdGMG', 'QPK2HA3JA9', 'Dispose', 'SooJ1t1jT0', 'jwvJjxHgsg', 'pIlJGIXytF' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, pr4s13fQXspK0cwc1I.cs | High entropy of concatenated method names: 't39qGFMsFp', 'kjjq5Y7Pvp', 'yPBqVWqLyg', 'kkKqNDZdqV', 'rfmq2p7QQ7', 'Yuoq9SIi5d', 'Next', 'Next', 'Next', 'NextBytes' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, qrZHNFig5JXA7KJREd.cs | High entropy of concatenated method names: 'WKn2ulCoZK', 'SSI2eHgmRL', 'Usx2L0OiOk', 'U5h20bYHGf', 'WBR23Ln1M3', 'QN22Ocxq2i', 'eOT2EU9xAm', 'KkU2UrjOsA', 'I8X2QVA5f9', 'RA52XVhgyO' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, fcADGoPOgv7XtLc1lr.cs | High entropy of concatenated method names: 'ToString', 'U8Hgctc4oH', 'NfygeaN4Nh', 'OTtgLhBlAg', 'TZJg0aJ6qm', 'Lo1g3RRTrS', 'a4DgOwbd3y', 'zC5gEjSMvK', 's30gUsIQx0', 'cpTgQUaKWY' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, fUtiR375gvAFZ0s7oX.cs | High entropy of concatenated method names: 'lLm4KWvhAf', 'RpQ4TBIqA8', 'BcB4ucjpC1', 'ac54eoWPGQ', 'URZ403OIR4', 'lUP43wQvFn', 'J224E3341q', 'epI4UexKy9', 'TD14Xi7FpI', 'ad64coTohs' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, OyoJ5qrk9TMoyInOpOI.cs | High entropy of concatenated method names: 'CanConvertFrom', 'ConvertFrom', 'ConvertTo', 'eOuqcWIdd2', 'M6OqaUpIyw', 'gW2q7KaoRt', 'Ygkqh7OiCY', 'A3Iqt69qqI', 'FHEqPoCqF7', 'fBVqSGWpKj' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, gHNKGQTwPXojjZtPg1.cs | High entropy of concatenated method names: 'iVPGDq6Ho4', 'WsyGwrFVO6', 'seMGK8o6y7', 'x0XGTrhy82', 'qChGF1HbYd', 'R3sGg9gE16', 'iyjGsaGrky', 'dZJGJ8TDX6', 'EFOG2PFJwx', 'ociGq5dQV5' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, PeRObGEbsmxBxW0AqV.cs | High entropy of concatenated method names: 'OyNN1hCBL7', 'oCtNGF2Rsj', 'E2nNVJ1C5R', 'xuNVfQaP1J', 'UAqVzy0JNT', 'AImNkodmDF', 'Id6NrHa1El', 'vMjN6VjuI5', 'rsMNBAe4fK', 'dD3NxisHBu' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, boxq7on20nxSOc1pYB.cs | High entropy of concatenated method names: 'H3CsZrRSMF', 'VCxsfQpu9q', 'qs2JkArA25', 'vA0Jrv1Zfy', 'y4FscRI5jE', 'aiKsah08gf', 'b5ss7wCspt', 'Djrshn4TLU', 'lcystgJCaq', 'rOisPISEp9' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, KRNngrUKXnqM1Klq8d.cs | High entropy of concatenated method names: 'ISKNsxDoCT', 'ac7N2mgoRl', 'CBDNgK5fav', 'rRWykrMJPYhfE8satsL', 'FMLjQoMy0JdH9im2peK', 'dEXOhoMFvwr1TcUqkry' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, xjuciJKCOIPdtRI75L.cs | High entropy of concatenated method names: 'MIJjhEMlKS', 'q7JjtkhU2H', 'z1sjPVLVwm', 'wMbjScV40B', 'CydjRdZaEv', 'psJjnVSTAS', 'KLwjCorqUj', 'HAyjZ44REx', 'PONjiVZ4AM', 'NMPjfAQhiJ' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, AK3Fh9AHBPMI9DMtJn.cs | High entropy of concatenated method names: 'Cgw5yG8Cx1', 'fAb5Ix9UGQ', 'g0sGLiOB4k', 'HksG0S5e8C', 'cjsG3Sjs6m', 'wZUGO1br3M', 'VxGGEr3edb', 'tfLGUuBq2c', 'V1oGQfidFf', 'z2tGXCF21p' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, RJaaji63qW95FhffxD.cs | High entropy of concatenated method names: 'UtfYCr8Jg', 'NmXDCDgSl', 'xQ8wsEZZG', 'XXCIdZh8l', 'uBMTBtUjl', 'uScA09hCe', 'JjVgk2P0gqd9OpBDvg', 'XmhkRtKjHEa5suBvZ8', 'h7gJnQ2at', 'XaNqPEXWp' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, RWedmCzgLalRtVO9k4.cs | High entropy of concatenated method names: 'JC1qwAnUkA', 'ILcqKMcmyJ', 'mxYqTuHZUT', 'JFlqu3cr0Q', 'Nt8qe2Xckw', 'OgBq0VwgLm', 'fhGq3j9lOw', 'beCqHdMT0h', 'ajyqmmcjgC', 'DjGqM4K5wj' |
| Source: 0.2.SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe.7a90000.8.raw.unpack, OtiHIKxaCIp5HFqLh8.cs | High entropy of concatenated method names: 'hwHrNjuciJ', 'VOIr9PdtRI', 'MwPr8XojjZ', 'RPgrl1yK3F', 'AMtrFJntoc', 'VB2rg6C8dI', 'EuPjhV7P38V1pB5C9S', 'BvgqOuvOAmwReNjbu0', 'xxarrJmvnM', 'dH8rBYVCZl' |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\taile.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALIFR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CALISTBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\DUBAI-REGULAR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\DUBAI-MEDIUM.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\DUBAI-BOLD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\flat_officeFontsPreview.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYM.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYMSL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYMSB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYMXL.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYML.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\OFFSYMB.TTF VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |
Edit tour
SecuriteInfo.com.Win32.SpywareX-gen.21876.23851.exe (PID: 7784 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
