| Source: PI.exe, PI.exe, 00000007.00000002.706572619.0000000000B42000.00000004.00000001.sdmp |
String found in binary or memory: http://127.0.0.1: |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c0 |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://cert.int-x3.letsencrypt.org/0 |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://cps.letsencrypt.org0 |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://cps.root-x1.letsencrypt.org0 |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.identrust |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.identrust.com/DSTROOTCAX3CRL.crl0 |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://isrg.trustid.ocsp.identrust.com0; |
| Source: PI.exe, 00000002.00000002.944519197.0000000005A20000.00000004.00000001.sdmp |
String found in binary or memory: http://ocsp.int-x3.letsencrypt.org0/ |
| Source: PI.exe, PI.exe, 00000007.00000002.706572619.0000000000B42000.00000004.00000001.sdmp |
String found in binary or memory: https://api.telegram.org/bot%telegramapi%/ |
| Source: PI.exe |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/ |
| Source: PI.exe |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip |
| Source: PI.exe, 00000000.00000002.681442399.00000000027E5000.00000040.00000001.sdmp, PI.exe, 00000002.00000002.941812642.0000000000402000.00000040.00000001.sdmp, PI.exe, 00000005.00000002.708227438.00000000027D5000.00000040.00000001.sdmp, PI.exe, 00000007.00000002.706572619.0000000000B42000.00000004.00000001.sdmp |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/U |
| Source: PI.exe, 00000002.00000002.943432491.0000000002C69000.00000004.00000001.sdmp, PI.exe, 00000002.00000002.943600197.0000000002D98000.00000004.00000001.sdmp |
String found in binary or memory: https://xmFob4yUwp.org |
| Source: PI.exe, 00000002.00000002.943293284.0000000002B8A000.00000004.00000001.sdmp |
String found in binary or memory: https://xmFob4yUwp.org$ |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004547D0 NtdllDefWindowProc_A, |
0_2_004547D0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0042E46C NtdllDefWindowProc_A, |
0_2_0042E46C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
0_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
0_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004493A0 GetSubMenu,SaveDC,RestoreDC,72E7B080,SaveDC,RestoreDC,NtdllDefWindowProc_A, |
0_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00439CA4 NtdllDefWindowProc_A,GetCapture, |
0_2_00439CA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_0046E159 NtCreateSection, |
2_2_0046E159 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_0233B362 NtQuerySystemInformation, |
2_2_0233B362 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_0233B331 NtQuerySystemInformation, |
2_2_0233B331 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_004547D0 NtdllDefWindowProc_A, |
3_2_004547D0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0042E46C NtdllDefWindowProc_A, |
3_2_0042E46C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
3_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
3_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_004493A0 GetSubMenu,SaveDC,RestoreDC,GetWindowDC,SaveDC,RestoreDC,NtdllDefWindowProc_A, |
3_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00439CA4 NtdllDefWindowProc_A,GetCapture, |
3_2_00439CA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_004547D0 NtdllDefWindowProc_A, |
5_2_004547D0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0042E46C NtdllDefWindowProc_A, |
5_2_0042E46C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
5_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
5_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_004493A0 GetSubMenu,SaveDC,RestoreDC,GetWindowDC,SaveDC,RestoreDC,NtdllDefWindowProc_A, |
5_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00439CA4 NtdllDefWindowProc_A,GetCapture, |
5_2_00439CA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0044EEA4 |
0_2_0044EEA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004493A0 |
0_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00471BA8 |
0_2_00471BA8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0046BD44 |
0_2_0046BD44 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_00467976 |
2_2_00467976 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_0046D13D |
2_2_0046D13D |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_02332478 |
2_2_02332478 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E33468 |
2_2_04E33468 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E20007 |
2_2_04E20007 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39010 |
2_2_04E39010 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E331F8 |
2_2_04E331F8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E37990 |
2_2_04E37990 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E31568 |
2_2_04E31568 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E31D20 |
2_2_04E31D20 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3810F |
2_2_04E3810F |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3B6E8 |
2_2_04E3B6E8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3DBB8 |
2_2_04E3DBB8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39388 |
2_2_04E39388 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3CB34 |
2_2_04E3CB34 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3C8EB |
2_2_04E3C8EB |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39CFE |
2_2_04E39CFE |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E384B1 |
2_2_04E384B1 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E328B8 |
2_2_04E328B8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3C8B8 |
2_2_04E3C8B8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E348BE |
2_2_04E348BE |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3C889 |
2_2_04E3C889 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E32099 |
2_2_04E32099 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3C877 |
2_2_04E3C877 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E36C35 |
2_2_04E36C35 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39000 |
2_2_04E39000 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3D5C3 |
2_2_04E3D5C3 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E355D3 |
2_2_04E355D3 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E38998 |
2_2_04E38998 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E31559 |
2_2_04E31559 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E32136 |
2_2_04E32136 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3553A |
2_2_04E3553A |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39D03 |
2_2_04E39D03 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39D08 |
2_2_04E39D08 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E31D10 |
2_2_04E31D10 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E37A98 |
2_2_04E37A98 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3566C |
2_2_04E3566C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E36A72 |
2_2_04E36A72 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E37E78 |
2_2_04E37E78 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E33468 |
2_2_04E33468 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3A3A2 |
2_2_04E3A3A2 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E3DBA9 |
2_2_04E3DBA9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E357AD |
2_2_04E357AD |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_04E39378 |
2_2_04E39378 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A59C8 |
2_2_059A59C8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A07F0 |
2_2_059A07F0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0D10 |
2_2_059A0D10 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A7710 |
2_2_059A7710 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A3F22 |
2_2_059A3F22 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A3740 |
2_2_059A3740 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A5370 |
2_2_059A5370 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A1EB0 |
2_2_059A1EB0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A1CC0 |
2_2_059A1CC0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A56F3 |
2_2_059A56F3 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A7E08 |
2_2_059A7E08 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A8648 |
2_2_059A8648 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0788 |
2_2_059A0788 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0DBB |
2_2_059A0DBB |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A07D3 |
2_2_059A07D3 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A63CC |
2_2_059A63CC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0DCD |
2_2_059A0DCD |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A3FC7 |
2_2_059A3FC7 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A7DF8 |
2_2_059A7DF8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A1115 |
2_2_059A1115 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A7703 |
2_2_059A7703 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A3731 |
2_2_059A3731 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A3F7C |
2_2_059A3F7C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0E93 |
2_2_059A0E93 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A7E87 |
2_2_059A7E87 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A72BC |
2_2_059A72BC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A1CB0 |
2_2_059A1CB0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A1EA3 |
2_2_059A1EA3 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A08D6 |
2_2_059A08D6 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0CF2 |
2_2_059A0CF2 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A2414 |
2_2_059A2414 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0A2A |
2_2_059A0A2A |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 2_2_059A0E6A |
2_2_059A0E6A |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0044EEA4 |
3_2_0044EEA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_004493A0 |
3_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00471BA8 |
3_2_00471BA8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0046BD44 |
3_2_0046BD44 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0044EEA4 |
5_2_0044EEA4 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_004493A0 |
5_2_004493A0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00471BA8 |
5_2_00471BA8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0046BD44 |
5_2_0046BD44 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 7_2_00467976 |
7_2_00467976 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 7_2_0046D13D |
7_2_0046D13D |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00440F64 push 00440FF1h; ret |
0_2_00440FE9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040C076 push 0040C0E7h; ret |
0_2_0040C0DF |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040C078 push 0040C0E7h; ret |
0_2_0040C0DF |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040C156 push 0040C184h; ret |
0_2_0040C17C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040C158 push 0040C184h; ret |
0_2_0040C17C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004421E4 push ecx; mov dword ptr [esp], edx |
0_2_004421E8 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004101F0 push 004103F1h; ret |
0_2_004103E9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0041018C push 004101EDh; ret |
0_2_004101E5 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004642CC push 004642F8h; ret |
0_2_004642F0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004103F4 push 00410538h; ret |
0_2_00410530 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004264A8 push 00426578h; ret |
0_2_00426570 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0041050C push 00410538h; ret |
0_2_00410530 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0044251C push 00442548h; ret |
0_2_00442540 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040659E push 004065F1h; ret |
0_2_004065E9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004065A0 push 004065F1h; ret |
0_2_004065E9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00460674 push 004606A0h; ret |
0_2_00460698 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004306D0 push 0043073Ah; ret |
0_2_00430732 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0041C680 push ecx; mov dword ptr [esp], edx |
0_2_0041C685 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00426688 push 004266B4h; ret |
0_2_004266AC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00406770 push 0040679Ch; ret |
0_2_00406794 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0043073C push 004307A6h; ret |
0_2_0043079E |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0040682C push 00406858h; ret |
0_2_00406850 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00426940 push 0042696Ch; ret |
0_2_00426964 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0041A914 push ecx; mov dword ptr [esp], edx |
0_2_0041A916 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0045691C push 00456976h; ret |
0_2_0045696E |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_004289CC push 004289F8h; ret |
0_2_004289F0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00428980 push 004289C1h; ret |
0_2_004289B9 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00428A04 push 00428A3Ch; ret |
0_2_00428A34 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00456B34 push ecx; mov dword ptr [esp], edx |
0_2_00456B39 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00412BE4 push ecx; mov dword ptr [esp], eax |
0_2_00412BE5 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0042EBF4 push 0042EC20h; ret |
0_2_0042EC18 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00454858 PostMessageA,PostMessageA,SendMessageA,GetProcAddress,GetLastError,IsWindowEnabled,IsWindowVisible,GetFocus,SetFocus,SetFocus,IsIconic,GetFocus,SetFocus, |
0_2_00454858 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0043C504 IsIconic,GetWindowPlacement,GetWindowRect,GetWindowLongA,GetWindowLongA,ScreenToClient,ScreenToClient, |
0_2_0043C504 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
0_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
0_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0043B378 IsIconic,GetCapture, |
0_2_0043B378 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_00427394 IsIconic,GetWindowPlacement,GetWindowRect, |
0_2_00427394 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0045194C SendMessageA,ShowWindow,ShowWindow,CallWindowProcA,SendMessageA,ShowWindow,SetWindowPos,GetActiveWindow,IsIconic,SetWindowPos,SetActiveWindow,ShowWindow, |
0_2_0045194C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 0_2_0043BC20 IsIconic,SetWindowPos,GetWindowPlacement,SetWindowPlacement, |
0_2_0043BC20 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00454858 PostMessageA,PostMessageA,SendMessageA,GetProcAddress,GetLastError,IsWindowEnabled,IsWindowVisible,GetFocus,SetFocus,SetFocus,IsIconic,GetFocus,SetFocus, |
3_2_00454858 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0043C504 IsIconic,GetWindowPlacement,GetWindowRect,GetWindowLongA,GetWindowLongA,ScreenToClient,ScreenToClient, |
3_2_0043C504 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
3_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
3_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0043B378 IsIconic,GetCapture, |
3_2_0043B378 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_00427394 IsIconic,GetWindowPlacement,GetWindowRect, |
3_2_00427394 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0045194C SendMessageA,ShowWindow,ShowWindow,CallWindowProcA,SendMessageA,ShowWindow,SetWindowPos,GetActiveWindow,IsIconic,SetWindowPos,SetActiveWindow,ShowWindow, |
3_2_0045194C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 3_2_0043BC20 IsIconic,SetWindowPos,GetWindowPlacement,SetWindowPlacement, |
3_2_0043BC20 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00454858 PostMessageA,PostMessageA,SendMessageA,GetProcAddress,GetLastError,IsWindowEnabled,IsWindowVisible,GetFocus,SetFocus,SetFocus,IsIconic,GetFocus,SetFocus, |
5_2_00454858 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0043C504 IsIconic,GetWindowPlacement,GetWindowRect,GetWindowLongA,GetWindowLongA,ScreenToClient,ScreenToClient, |
5_2_0043C504 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00454F4C IsIconic,SetActiveWindow,IsWindowEnabled,SetWindowPos,NtdllDefWindowProc_A, |
5_2_00454F4C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00454FFC IsIconic,SetActiveWindow,IsWindowEnabled,NtdllDefWindowProc_A,SetWindowPos,SetFocus, |
5_2_00454FFC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0043B378 IsIconic,GetCapture, |
5_2_0043B378 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_00427394 IsIconic,GetWindowPlacement,GetWindowRect, |
5_2_00427394 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0045194C SendMessageA,ShowWindow,ShowWindow,CallWindowProcA,SendMessageA,ShowWindow,SetWindowPos,GetActiveWindow,IsIconic,SetWindowPos,SetActiveWindow,ShowWindow, |
5_2_0045194C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: 5_2_0043BC20 IsIconic,SetWindowPos,GetWindowPlacement,SetWindowPlacement, |
5_2_0043BC20 |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\System32\wscript.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\System32\wscript.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Windows\System32\wscript.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -922337203685477s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -120000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -118624s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -88641s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -88359s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -117440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -87330s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -115624s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -115188s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -56906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -113440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -113000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -83718s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -111188s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -110812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -109440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -109000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -108624s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -80109s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -79830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -79500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -52720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -52500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -78468s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -78141s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -51720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -76830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -76500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -101188s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -49906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -49720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -99000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -73218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -72891s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -96812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -96440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -71250s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -70968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -69609s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -69330s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -46000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -45720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -67968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -67359s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -44720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -66330s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -66000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -43812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -64359s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -64080s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -41812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -41594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -41406s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -82440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -61080s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -60468s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -60141s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -39594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -58830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -58500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -58218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -38500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -57141s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -56859s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -56580s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -55830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -55500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -55218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -54891s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -36094s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -53859s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -35720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -53250s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -35000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -52218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -51891s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -34406s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -51330s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -33906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -33720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -50250s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -49641s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -32812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -32594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -48609s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -48000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -31500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -46968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -61440s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -45750s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -45000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -44718s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -42750s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -38859s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -38580s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -37218s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -35580s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -35250s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -89718s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -89391s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -87750s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -86109s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -85830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -84468s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -54094s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -80580s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -75609s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -75330s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -73968s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -73641s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -48000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -64830s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -63141s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -61500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -39906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -39720s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -38594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -36220s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -35094s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -34000s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -32906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -31812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -31594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -55220s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -52594s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -51500s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -47094s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -46906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -45812s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -45094s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -43406s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -42312s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6912 |
Thread sleep time: -30906s >= -30000s |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe TID: 6552 |
Thread sleep count: 74 > 30 |
Jump to behavior |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
0_2_00405CA0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA,GetACP, |
0_2_0040AD2C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
0_2_004099FC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
0_2_004099B0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
0_2_00405DAC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
2_2_0046CA4A |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
3_2_00405CA0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA,GetACP, |
3_2_0040AD2C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
3_2_004099FC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
3_2_004099B0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
3_2_00405DAC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetModuleFileNameA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,RegCloseKey,lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
5_2_00405CA0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA,GetACP, |
5_2_0040AD2C |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
5_2_004099FC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
5_2_004099B0 |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: lstrcpyn,GetThreadLocale,GetLocaleInfoA,lstrlen,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA,lstrcpyn,LoadLibraryExA, |
5_2_00405DAC |
| Source: C:\Users\user\Desktop\PI.exe |
Code function: GetLocaleInfoA, |
7_2_0046CA4A |
| Source: Yara match |
File source: 00000002.00000002.941812642.0000000000402000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.941872630.0000000000475000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942359260.0000000002180000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942468067.0000000002252000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000005.00000002.708227438.00000000027D5000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.706572619.0000000000B42000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000000.00000002.681442399.00000000027E5000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943139633.0000000002AC1000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.705557320.0000000000475000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000000.00000002.681329227.0000000002772000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.706213393.0000000000790000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.707115774.0000000000BB2000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000001.705125363.0000000000499000.00000040.00020000.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943293284.0000000002B8A000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942414784.00000000021E2000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943432491.0000000002C69000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6744, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6728, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6512, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 5152, type: MEMORY |
| Source: Yara match |
File source: 2.2.PI.exe.2180000.1.raw.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.bb0000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.2180000.1.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.790000.1.raw.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.2250000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.400000.0.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 5.2.PI.exe.2760000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.1.PI.exe.400000.0.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 0.2.PI.exe.2770000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.b40000.2.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.790000.1.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.21e0000.2.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.400000.0.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 00000002.00000002.941812642.0000000000402000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.941872630.0000000000475000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942359260.0000000002180000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942468067.0000000002252000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000005.00000002.708227438.00000000027D5000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.706572619.0000000000B42000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000000.00000002.681442399.00000000027E5000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943139633.0000000002AC1000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.705557320.0000000000475000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000000.00000002.681329227.0000000002772000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.706213393.0000000000790000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000002.707115774.0000000000BB2000.00000040.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000007.00000001.705125363.0000000000499000.00000040.00020000.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943293284.0000000002B8A000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.942414784.00000000021E2000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: 00000002.00000002.943432491.0000000002C69000.00000004.00000001.sdmp, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6744, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6728, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 6512, type: MEMORY |
| Source: Yara match |
File source: Process Memory Space: PI.exe PID: 5152, type: MEMORY |
| Source: Yara match |
File source: 2.2.PI.exe.2180000.1.raw.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.bb0000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.2180000.1.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.790000.1.raw.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.2250000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.400000.0.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 5.2.PI.exe.2760000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.1.PI.exe.400000.0.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 0.2.PI.exe.2770000.3.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.b40000.2.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 7.2.PI.exe.790000.1.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.21e0000.2.unpack, type: UNPACKEDPE |
| Source: Yara match |
File source: 2.2.PI.exe.400000.0.unpack, type: UNPACKEDPE |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet