Analysis Report http://www.videosoftdev.com/services/download.aspx?ProductID=1

Overview

General Information

Sample URL: http://www.videosoftdev.com/services/download.aspx?ProductID=1
Analysis ID: 326343

Detection

Score: 19
Range: 0 - 100
Whitelisted: false
Confidence: 0%

Signatures

Contains capabilities to detect virtual machines
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to detect sandboxes (mouse cursor move detection)
Contains functionality to dynamically determine API calls
Contains functionality to launch a program with higher privileges
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to record screenshots
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Deletes files inside the Windows folder
Detected potential crypto function
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops PE files to the windows directory (C:\Windows)
Found dropped PE file which has not been started or loaded
Found evaded block containing many API calls
Found evasive API chain checking for process token information
Found potential string decryption / allocating functions
Is looking for software installed on the system
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file contains strange resources
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Tries to load missing DLLs
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Uses the system / local time for branch decision (may execute only at specific dates)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Cryptography:

Uses Microsoft's Enhanced Cryptographic Provider
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C99EB7 DecryptFileW, 27_2_00C99EB7
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CBF961 CryptAcquireContextW,GetLastError,CryptCreateHash,GetLastError,CryptHashData,ReadFile,GetLastError,CryptDestroyHash,CryptReleaseContext,GetLastError,CryptGetHashParam,GetLastError,SetFilePointerEx,GetLastError, 27_2_00CBF961
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C99C99 DecryptFileW,DecryptFileW, 27_2_00C99C99
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F39EB7 DecryptFileW, 29_2_00F39EB7
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F5F961 CryptAcquireContextW,GetLastError,CryptCreateHash,GetLastError,CryptHashData,ReadFile,GetLastError,CryptDestroyHash,CryptReleaseContext,GetLastError,CryptGetHashParam,GetLastError,SetFilePointerEx,GetLastError, 29_2_00F5F961
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F39C99 DecryptFileW,DecryptFileW, 29_2_00F39C99
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0018F961 CryptAcquireContextW,GetLastError,CryptCreateHash,GetLastError,CryptHashData,ReadFile,GetLastError,CryptDestroyHash,CryptReleaseContext,GetLastError,CryptGetHashParam,GetLastError,SetFilePointerEx,GetLastError, 32_2_0018F961
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00169C99 DecryptFileW,DecryptFileW, 32_2_00169C99
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00169EB7 DecryptFileW, 32_2_00169EB7
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_00405BEC GetModuleHandleW,GetProcAddress,lstrcpynW,lstrcpynW,lstrcpynW,FindFirstFileW,FindClose,lstrlenW,lstrcpynW,lstrlenW,lstrcpynW, 20_2_00405BEC
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004AD294 FindFirstFileW,GetLastError, 22_2_004AD294
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00408174 GetModuleHandleW,GetProcAddress,lstrcpynW,lstrcpynW,lstrcpynW,FindFirstFileW,FindClose,lstrlenW,lstrcpynW,lstrlenW,lstrcpynW, 22_2_00408174
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004C0BC0 SetErrorMode,FindFirstFileW,FindNextFileW,FindClose,SetErrorMode, 22_2_004C0BC0
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004C107C SetErrorMode,FindFirstFileW,FindNextFileW,FindClose,SetErrorMode, 22_2_004C107C
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C83BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 27_2_00C83BC3
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CC4315 FindFirstFileW,FindClose, 27_2_00CC4315
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C9993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 27_2_00C9993E
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CB7A87 FindFirstFileExW, 27_2_00CB7A87
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F3993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 29_2_00F3993E
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F23BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 29_2_00F23BC3
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F64315 FindFirstFileW,FindClose, 29_2_00F64315
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00194315 FindFirstFileW,FindClose, 32_2_00194315
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0016993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 32_2_0016993E
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00153BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 32_2_00153BC3
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00187A87 FindFirstFileExW, 32_2_00187A87
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\cab1.cab
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\NULL
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\NULL
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\NULL
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp String found in binary or memory: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.674987522.0000000005F2E000.00000004.00000001.sdmp String found in binary or memory: . Por ejemplo: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.674313336.0000000005DD5000.00000004.00000001.sdmp String found in binary or memory: : http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: is-GK5DP.tmp.22.dr String found in binary or memory: InformationAhttps://www.youtube.com/watch?v= equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.673428705.00000000059DF000.00000004.00000001.sdmp String found in binary or memory: Sfoglia..."Lettori e dispositivi multimedialiKInserisci qui l'URL. Ad esempio: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.673989945.0000000005C7B000.00000004.00000001.sdmp String found in binary or memory: diaMInserir seu URL aqui. Por exemplo: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.670684399.0000000005728000.00000004.00000001.sdmp String found in binary or memory: riquesMCollez votre URL ici. Par exemple: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: video_editor_x64.tmp, 00000016.00000002.671162818.0000000005886000.00000004.00000001.sdmp String found in binary or memory: tenQLegen Sie Ihre URL hier. Zum Beispiel: http://www.youtube.com/watch?v=jaA2361wq50 equals www.youtube.com (Youtube)
Source: vcredist_x64.exe, VC_redist.x64.exe String found in binary or memory: http://appsyndication.org/2006/appsyn
Source: vcredist_x64.exe, 0000001B.00000000.544275902.0000000000CCB000.00000002.00020000.sdmp, vcredist_x64.exe, 0000001D.00000000.545735742.0000000000F6B000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000020.00000002.589217485.000000000019B000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000025.00000000.583222248.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000026.00000000.584723229.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000027.00000002.610680528.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe.32.dr String found in binary or memory: http://appsyndication.org/2006/appsynapplicationapuputil.cppupgradeexclusivetrueenclosuredigestalgor
Source: video_editor_x64.tmp, 00000016.00000002.668331619.0000000004E60000.00000004.00000001.sdmp String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
Source: video_editor_x64.tmp, 00000016.00000002.668331619.0000000004E60000.00000004.00000001.sdmp String found in binary or memory: http://crl.comodoca.com/COMODORSACodeSigningCA.crl0t
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://crl.globalsign.com/gs/gstimestampingsha2g2.crl0
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://crl.globalsign.net/root-r3.crl0
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://crl.trustwave.com/CSCA2_L1.crl0q
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://crl.trustwave.com/STCA.crl0=
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp String found in binary or memory: http://downloads.videosoftdev.com/video_tools/video_editor_x64.exe
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp String found in binary or memory: http://downloads.videosoftdev.com/video_tools/video_editor_x64.exe3
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp String found in binary or memory: http://downloads.videosoftdev.com/video_tools/video_editor_x64.exetates3
Source: video_editor_x64.tmp, 00000016.00000002.668331619.0000000004E60000.00000004.00000001.sdmp String found in binary or memory: http://ocsp.comodoca.com0
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp String found in binary or memory: http://ocsp.sectigo.com0
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://ocsp.sectigo.com0#
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ocsp.thawte.com0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ocsp.trustwave.com/09
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ocsp.trustwave.com05
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://ocsp2.globalsign.com/gstimestampingsha2g20
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: http://secure.globalsign.com/cacert/gstimestampingsha2g2.crt0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ssl.trustwave.com/issuers/CSCA2_L1.crt0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ssl.trustwave.com/issuers/STCA.crt0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: VC_redist.x64.exe, 00000027.00000003.608972858.00000000032BA000.00000004.00000001.sdmp, VC_redist.x64.exe, 00000027.00000003.609712314.0000000001060000.00000004.00000040.sdmp String found in binary or memory: http://wixtoolset.org/schemas/thmutil/2010
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: http://www.codejock.com
Source: video_editor_x64.tmp, 00000016.00000002.682043750.0000000006F4B000.00000004.00000001.sdmp String found in binary or memory: http://www.conduit.com/legal/searchprotectdescription
Source: video_editor_x64.tmp, 00000016.00000002.682043750.0000000006F4B000.00000004.00000001.sdmp String found in binary or memory: http://www.delta-search.com/eula.html
Source: video_editor_x64.exe, 00000014.00000003.386914432.00000000024B0000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.653698216.000000000250A000.00000004.00000001.sdmp String found in binary or memory: http://www.dk-soft.org/
Source: video_editor_x64.exe, 00000014.00000003.387425971.000000007FD80000.00000004.00000001.sdmp, video_editor_x64.tmp, video_editor_x64.tmp, 00000016.00000000.388602269.0000000000401000.00000020.00020000.sdmp String found in binary or memory: http://www.innosetup.com/
Source: video_editor_x64.exe String found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline
Source: video_editor_x64.exe, 00000014.00000000.386663597.0000000000401000.00000020.00020000.sdmp String found in binary or memory: http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
Source: is-SR4CK.tmp.22.dr String found in binary or memory: http://www.realnetworks.com
Source: is-64E3N.tmp.22.dr String found in binary or memory: http://www.realnetworks.com0=1
Source: video_editor_x64.exe, 00000014.00000003.387425971.000000007FD80000.00000004.00000001.sdmp, video_editor_x64.tmp String found in binary or memory: http://www.remobjects.com/ps
Source: video_editor_x64.tmp, 00000016.00000002.652002104.0000000000835000.00000004.00000020.sdmp String found in binary or memory: http://www.videosoftdev.co
Source: video_editor_x64.tmp, 00000016.00000002.653698216.000000000250A000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com
Source: wget.exe, 00000002.00000002.340414107.00000000009F0000.00000004.00000020.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=1
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=1.
Source: wget.exe, 00000002.00000002.340511863.0000000001100000.00000004.00000040.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=19
Source: wget.exe, 00000002.00000002.340511863.0000000001100000.00000004.00000040.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=1?
Source: video_editor_x64.tmp, 00000016.00000002.682043750.0000000006F4B000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=x32_1
Source: video_editor_x64.tmp, 00000016.00000002.682043750.0000000006F4B000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com/services/download.aspx?ProductID=xp_1
Source: video_editor_x64.tmp, 00000016.00000002.682043750.0000000006F4B000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com/services/install.aspx?ProductID=1
Source: video_editor_x64.tmp, 00000016.00000002.658287088.0000000003688000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000003.389180628.0000000003390000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com/services/purchase.aspx?ProductID=1a
Source: video_editor_x64.exe, 00000014.00000003.386914432.00000000024B0000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000003.389180628.0000000003390000.00000004.00000001.sdmp String found in binary or memory: http://www.videosoftdev.com6http://www.videosoftdev.com6http://www.videosoftdev.com
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.671162818.0000000005886000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.674313336.0000000005DD5000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673428705.00000000059DF000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673989945.0000000005C7B000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.674987522.0000000005F2E000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.670684399.0000000005728000.00000004.00000001.sdmp String found in binary or memory: http://www.youtube.com/watch?v=jaA2361wq50
Source: is-GK5DP.tmp.22.dr String found in binary or memory: https://accounts.google.com/o/oauth2/approval
Source: is-GK5DP.tmp.22.dr String found in binary or memory: https://myaccount.google.com
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: https://sectigo.com/CPS0C
Source: wget.exe, 00000002.00000002.340520016.0000000001106000.00000004.00000040.sdmp, video_editor_x64.exe, 00000014.00000003.387281147.0000000002706000.00000004.00000001.sdmp String found in binary or memory: https://sectigo.com/CPS0D
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: https://ssl.trustwave.com/CA06
Source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp String found in binary or memory: https://ssl.trustwave.com/CA0l
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: https://www.globalsign.com/repository/0
Source: video_editor_x64.tmp, 00000016.00000002.673721113.0000000005B3E000.00000004.00000001.sdmp, is-DDA4R.tmp.22.dr String found in binary or memory: https://www.globalsign.com/repository/06
Source: is-GK5DP.tmp.22.dr String found in binary or memory: https://www.youtube.com/watch?v=

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Contains functionality to record screenshots
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00434448 GetObjectW,GetDC,CreateCompatibleDC,CreateBitmap,CreateCompatibleBitmap,GetDeviceCaps,GetDeviceCaps,SelectObject,GetDIBColorTable,GetDIBits,SelectObject,CreateDIBSection,GetDIBits,SelectObject,SelectPalette,RealizePalette,FillRect,SetTextColor,SetBkColor,SetDIBColorTable,PatBlt,CreateCompatibleDC,SelectObject,SelectPalette,RealizePalette,SetTextColor,SetBkColor,BitBlt,SelectPalette,SelectObject,DeleteDC,SelectPalette, 22_2_00434448
Contains functionality to retrieve information about pressed keystrokes
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_0045C584 GetKeyboardState, 22_2_0045C584

System Summary:

Contains functionality to communicate with device drivers
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004808CC: CreateFileW,DeviceIoControl,GetLastError,CloseHandle,SetLastError, 22_2_004808CC
Contains functionality to shutdown / reboot the system
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_0040E538 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,ExitWindowsEx, 20_2_0040E538
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004B00AC GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,ExitWindowsEx, 22_2_004B00AC
Creates files inside the system directory
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\is-JBMK9.tmp
Deletes files inside the Windows folder
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe File deleted: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe
Detected potential crypto function
Found potential string decryption / allocating functions
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: String function: 0019012F appears 678 times
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: String function: 0019061A appears 34 times
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: String function: 00151F20 appears 54 times
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: String function: 001931C7 appears 83 times
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: String function: 001537D3 appears 496 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 00487C88 appears 39 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 00409620 appears 139 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 00406914 appears 39 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 00406438 appears 41 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 0040C24C appears 32 times
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: String function: 004B2BC8 appears 36 times
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: String function: 00CC31C7 appears 83 times
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: String function: 00CC061A appears 34 times
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: String function: 00CC012F appears 677 times
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: String function: 00C837D3 appears 496 times
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: String function: 00C81F20 appears 54 times
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: String function: 00404C88 appears 36 times
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: String function: 00F631C7 appears 83 times
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: String function: 00F6012F appears 640 times
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: String function: 00F21F20 appears 53 times
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: String function: 00F6061A appears 34 times
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: String function: 00F237D3 appears 474 times
PE file contains executable resources (Code or Archives)
Source: video_editor_x64.tmp.20.dr Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: video_editor_x64.tmp.20.dr Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: is-9I76T.tmp.22.dr Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: is-9I76T.tmp.22.dr Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
PE file contains strange resources
Source: video_editor_x64.exe.2.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: video_editor_x64.exe.2.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: video_editor_x64.tmp.20.dr Static PE information: Resource name: RT_BITMAP type: GLS_BINARY_LSB_FIRST
Source: video_editor_x64.tmp.20.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: video_editor_x64.tmp.20.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: is-9I76T.tmp.22.dr Static PE information: Resource name: RT_BITMAP type: GLS_BINARY_LSB_FIRST
Source: is-9I76T.tmp.22.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: is-9I76T.tmp.22.dr Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Tries to load missing DLLs
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Section loaded: tsappcmp.dll
Source: classification engine Classification label: clean19.evad.win@19/873@0/2
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004328A4 GetLastError,FormatMessageW, 22_2_004328A4
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_0040E538 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,ExitWindowsEx, 20_2_0040E538
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004B00AC GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,ExitWindowsEx, 22_2_004B00AC
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C844E9 GetCurrentProcess,OpenProcessToken,GetLastError,LookupPrivilegeValueW,GetLastError,AdjustTokenPrivileges,GetLastError,Sleep,InitiateSystemShutdownExW,GetLastError,CloseHandle, 27_2_00C844E9
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F244E9 GetCurrentProcess,OpenProcessToken,GetLastError,LookupPrivilegeValueW,GetLastError,AdjustTokenPrivileges,GetLastError,Sleep,InitiateSystemShutdownExW,GetLastError,CloseHandle, 29_2_00F244E9
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_001544E9 GetCurrentProcess,OpenProcessToken,GetLastError,LookupPrivilegeValueW,GetLastError,AdjustTokenPrivileges,GetLastError,Sleep,InitiateSystemShutdownExW,GetLastError,CloseHandle, 32_2_001544E9
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_0040805C GetDiskFreeSpaceW, 20_2_0040805C
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004CC238 GetVersion,CoCreateInstance, 22_2_004CC238
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_0040EE14 FindResourceW,SizeofResource,LoadResource,LockResource, 20_2_0040EE14
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CA6945 ChangeServiceConfigW,GetLastError, 27_2_00CA6945
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro
Source: C:\Windows\SysWOW64\cmd.exe File created: C:\Users\user\Desktop\cmdline.out
Source: C:\Windows\System32\conhost.exe Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6660:120:WilError_01
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Mutant created: \Sessions\1\BaseNamedObjects\{E1AE6C64-631C-4B2F-853C-45C1BD634C03}
Source: C:\Users\user\Desktop\download\video_editor_x64.exe File created: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: )L 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: cabinet.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: msi.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: version.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: wininet.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: comres.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: clbcatq.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: msasn1.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: crypt32.dll 27_2_00C81070
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Command line argument: feclient.dll 27_2_00C81070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: cabinet.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: msi.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: version.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: wininet.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: comres.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: clbcatq.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: msasn1.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: crypt32.dll 32_2_00151070
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Command line argument: feclient.dll 32_2_00151070
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File read: C:\Program Files\FlashIntegro\VideoEditor\Localizations\crashrpt_lang_CS.ini
Source: C:\Windows\SysWOW64\wget.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization
Source: C:\Windows\SysWOW64\wget.exe File read: C:\Windows\System32\drivers\etc\hosts
Source: video_editor_x64.exe String found in binary or memory: rting applications. /LOADINF="filename" Instructs Setup to load the settings from the specified file after having checked the co
Source: vcredist_x64.exe String found in binary or memory: Failed to re-launch bundle process after RunOnce: %ls
Source: VC_redist.x64.exe String found in binary or memory: Failed to re-launch bundle process after RunOnce: %ls
Source: unknown Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' --no-check-certificate --content-disposition --user-agent='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko' 'http://www.videosoftdev.com/services/download.aspx?ProductID=1' > cmdline.out 2>&1
Source: unknown Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown Process created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' --no-check-certificate --content-disposition --user-agent='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko' 'http://www.videosoftdev.com/services/download.aspx?ProductID=1'
Source: unknown Process created: C:\Users\user\Desktop\download\video_editor_x64.exe 'C:\Users\user\Desktop\download\video_editor_x64.exe'
Source: unknown Process created: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp 'C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp' /SL5='$1F0056,89355248,121344,C:\Users\user\Desktop\download\video_editor_x64.exe'
Source: unknown Process created: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe 'C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe' /install /passive /norestart
Source: unknown Process created: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe 'C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe' -burn.clean.room='C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe' -burn.filehandle.attached=580 -burn.filehandle.self=564 /install /passive /norestart
Source: unknown Process created: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe 'C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe' -q -burn.elevated BurnPipe.{AEC565AB-0FED-47E7-88D9-B941D20CF512} {87809E35-81C0-47B4-86E7-066B690A99EC} 5088
Source: unknown Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' /burn.runonce
Source: unknown Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: unknown Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.clean.room='C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.filehandle.attached=600 -burn.filehandle.self=596 /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: C:\Windows\SysWOW64\cmd.exe Process created: C:\Windows\SysWOW64\wget.exe wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' --no-check-certificate --content-disposition --user-agent='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko' 'http://www.videosoftdev.com/services/download.aspx?ProductID=1'
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Process created: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp 'C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp' /SL5='$1F0056,89355248,121344,C:\Users\user\Desktop\download\video_editor_x64.exe'
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Process created: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe 'C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe' /install /passive /norestart
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Process created: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe 'C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe' -burn.clean.room='C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe' -burn.filehandle.attached=580 -burn.filehandle.self=564 /install /passive /norestart
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Process created: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe 'C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe' -q -burn.elevated BurnPipe.{AEC565AB-0FED-47E7-88D9-B941D20CF512} {87809E35-81C0-47B4-86E7-066B690A99EC} 5088
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Process created: unknown unknown
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.clean.room='C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.filehandle.attached=600 -burn.filehandle.self=596 /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: C:\Windows\SysWOW64\wget.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InProcServer32
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Window found: window name: TSelectLanguageForm
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: OK
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Install
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Automated click: I accept the agreement
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File opened: C:\Windows\SysWOW64\MSFTEDIT.DLL
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Window detected: Number of UI elements: 23
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Window detected: Number of UI elements: 23
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\unins000.dat
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\is-9I76T.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-CSG4M.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-51BGK.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-P6BPJ.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-VKA8L.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-BCRV8.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-OOR8C.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-RB1FB.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-TMPGC.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-GBMCS.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-VM6FH.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-UGT21.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-J2KOS.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-2QLEA.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-VQJ9Q.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-6PL4E.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-9B4VS.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-LFTOB.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Localizations\is-S1GUV.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-LEDT9.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-TSN75.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-638JN.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-N2LQP.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-M9F7B.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-QDAKE.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-609T5.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-4CTD0.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-HSQHC.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-5TUHG.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-TDM5E.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-UA69A.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-Q60U2.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-PT0C2.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-2P8H9.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-0SG7I.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-EUP48.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-EPPLT.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-7P8PE.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-H3Q3E.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-VQLEK.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-ROU4O.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-5IHAM.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-VSVSM.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-P1PRU.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-CPPIC.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-PJL5P.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-09ON3.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-GOHUV.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-QSTSG.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\is-CL5VE.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-GHKQD.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-I46UE.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-PRH4T.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-5EQ0E.tmp
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-TBRIB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-BSLL4.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-MVRHA.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-GHI5G.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-F29EL.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-FR4HO.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-CELBG.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-EMVVC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-NTE34.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-OLPN3.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-KHL16.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-3LBIS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-39A7G.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-JOGRT.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-GIT45.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-68POL.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-D3DNG.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-KAHAS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-UPAA4.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-S1HTH.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-H1LIS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-TH42R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-2M1CS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-H7428.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-929TD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-OV9MG.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-BITA4.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-70ERH.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-QKRUR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-N2GCJ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-CHT3L.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-PH5I5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-QC42T.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\audiences\is-US9VT.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-1DHV6.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-6RM2R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-L8VPB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-QP1V5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-4AD6F.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-8OEUB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-NEFLU.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-NJJD4.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-V9E7A.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-QI59E.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-FELGD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-JLV0H.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-DBGJC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-CMQSS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-M0I4H.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-37145.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-6LQ0G.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-FE45C.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-9F3I2.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-NL7MN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-R788B.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-64E3N.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-KH2SN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-VE8B0.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-7EV8O.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-SR4CK.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-VQ2C8.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-RJM7O.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-MJN3C.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-1DN8R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-LKBCE.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-GSO7L.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-DS9U1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-9S1L5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-7JSD1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-1KUPI.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-4922F.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-P9F2A.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-DI71O.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-67Q05.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-IE7UD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-T11L1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-T3E2B.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-19FI6.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-DVG3K.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-3EO63.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-1K3AJ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-LCGQE.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-BS97R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-LTK27.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-405Q8.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-9KGNK.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-DDA4R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-7AVA5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-PIVL1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-ILPSH.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-32VOB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-GUIIM.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-Q042M.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-TI4FS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-P4R44.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-UNR4I.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-35DF0.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-22CCE.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-91VDT.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-R5R9N.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-9T70V.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-JIFVF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-0HCB9.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-7DG6H.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-2APG5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-EPU6H.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\Skins Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\Skins\is-B3CLK.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\Icons Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\Common Files\FlashIntegro\Icons\is-OEFT9.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-LLEGR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-RQNKS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\is-LBTK9.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-I6T9L.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-I7CDN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-VAK07.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-05DK1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-VVOBD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-C5B5H.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-0O32B.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-MA3LK.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-BKS6A.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-FMAB2.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-RGQOV.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-GK5DP.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-NLT24.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-18751.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-LP55S.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-LIT59.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-3G6AI.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-H1IE7.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-O4EEP.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-U4VOR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-9HOFC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-FG6LB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-9UITF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-H7IP7.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-EL74B.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-O4TT6.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-TMCVL.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-FAIB7.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-26N17.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-GC7SG.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-0P374.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-FPN7G.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-MHS1N.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Tools\Localizations\is-VJVTV.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\is-AEM9J.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-PASQS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-18N5J.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-EE30E.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-D7F0R.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-71763.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-QJKGK.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-205MJ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-MACAJ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\data\is-JL8TS.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Aderrasi
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Eo.S
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\fiShbRaiN
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\flexi
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-24HRR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-2R3EF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-98G0O.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-LNU6D.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-FLPM0.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-MPI46.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-8SVCB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-KA8RB.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-J845N.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-ADGLP.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Geiss\is-GTAJC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-B9T9I.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-86O3P.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-HVOV1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-O9B0K.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-TOI6P.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-67UST.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-64HVM.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-STRIQ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-6T6CP.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-A0AHR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-KRDRF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-MKESN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-F2EP9.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-BQRNC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-P87Q4.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-C0552.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-A64E2.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-667M8.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Goody\is-1L27E.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie\is-EN26K.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie\is-R9IGR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie\is-L6UB6.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie\is-JD4J5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Hexcollie\is-CP3G5.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-0J4BD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-0UG6V.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-40PGV.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-C3M4B.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-JGJBF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-BNKEA.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-72CON.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-E2CQ1.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-GAL2Q.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-67EPV.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-OC963.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-0CLRT.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-0P975.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-IJLMN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-HVMOR.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-90H8N.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-D97I9.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-8DO5A.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-5COKO.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-2A6J8.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-02E1T.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-IJ3QF.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-NJB1I.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-58R27.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-DVENQ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-92AUV.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-7D1B0.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-707GD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-05TPN.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-FLAFH.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-DG40Q.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-N7ECH.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-2FVHD.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-BGFST.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-DREMP.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-L4HPC.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-1MMCJ.tmp Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Directory created: C:\Program Files\FlashIntegro\VideoEditor\Templates\AudioVis\presets\Martin\is-8MVBT.tmp Jump to behavior
Source: Binary string: C:\agent\_work\8\s\build\ship\x86\burn.pdb source: vcredist_x64.exe, 0000001B.00000000.544275902.0000000000CCB000.00000002.00020000.sdmp, vcredist_x64.exe, 0000001D.00000000.545735742.0000000000F6B000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000020.00000002.589217485.000000000019B000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000025.00000000.583222248.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000026.00000000.584723229.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe, 00000027.00000002.610680528.0000000000ADB000.00000002.00020000.sdmp, VC_redist.x64.exe.32.dr
Source: Binary string: e:\src\datatype_rn\lsd\codec\ralf.pdb source: is-QI59E.tmp.22.dr
Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\msvcp140_2.amd64.pdb source: is-CPPIC.tmp.22.dr
Source: Binary string: e:\src\producersdk\plugins\transform\audioresampler\audioresampler.pdb source: is-64E3N.tmp.22.dr
Source: Binary string: w:\Work2\ActiveX5_Edited\VStudia\mslanimationfile5\x64\Release\mslanimationfile5.pdb6 source: is-DDA4R.tmp.22.dr
Source: Binary string: w:\Tools\Codejock Software\MFC\Xtreme ToolkitPro v19.2.0\Source\Styles\Office2016\Release\vc160\Office2016vc160.pdb source: video_editor_x64.tmp, 00000016.00000002.675326646.0000000006170000.00000004.00000001.sdmp
Source: Binary string: e:\src\producersdk\plugins\transform\eventpack\eventpack.pdb source: is-SR4CK.tmp.22.dr
Source: Binary string: w:\Work2\ActiveX5_Edited\VStudia\mslanimationfile5\x64\Release\mslanimationfile5.pdb source: is-DDA4R.tmp.22.dr
Source: Binary string: w:\Work2\Projects_VideoSoftDev\video_tools\YouTubeUploader\obj\Release\YouTubeUploader.pdb source: is-GK5DP.tmp.22.dr
Source: Binary string: w:\Work2\Projects_VideoSoftDev\video_tools\YouTubeUploader\obj\Release\YouTubeUploader.pdbh source: is-GK5DP.tmp.22.dr
Source: Binary string: W:\Work2\Projects_VideoSoftDev\common\ExecuteHelper\x64\Release\ExecuteHelper.pdb source: video_editor_x64.tmp, 00000016.00000002.668331619.0000000004E60000.00000004.00000001.sdmp

Data Obfuscation:

Contains functionality to dynamically determine API calls
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004A1A3C LoadLibraryExW,LoadLibraryW,GetProcAddress, 22_2_004A1A3C
PE file contains an invalid checksum
Source: is-9I76T.tmp.22.dr Static PE information: real checksum: 0x12d125 should be: 0x12adc8
Source: video_editor_x64.exe.2.dr Static PE information: real checksum: 0x55c3daa should be:
Source: itdownload.dll.22.dr Static PE information: real checksum: 0x0 should be: 0x3c807
Source: vcredist_x64.exe.22.dr Static PE information: real checksum: 0xe56dd3 should be:
Source: vcredist_x64.exe.27.dr Static PE information: real checksum: 0xe56dd3 should be: 0xa5b19
Source: _iscrypt.dll.22.dr Static PE information: real checksum: 0x0 should be: 0x89d2
PE file contains sections with non-standard names
Source: vcredist_x64.exe.22.dr Static PE information: section name: .wixburn
Source: vcredist_x64.exe.27.dr Static PE information: section name: .wixburn
Source: VC_redist.x64.exe.32.dr Static PE information: section name: .wixburn
Uses code obfuscation techniques (call, push, ret)

Persistence and Installation Behavior:

Drops PE files
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-T3E2B.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-7EV8O.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-P9F2A.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-PIVL1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-PJL5P.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-09ON3.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\_isetup\_iscrypt.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-ROU4O.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-VE8B0.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-VVOBD.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-RBT22.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-6LQ0G.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-7DG6H.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-GSO7L.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-4AD6F.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-LCGQE.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-QI59E.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-M0I4H.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-JIFVF.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-22CCE.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-GK5DP.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-6RM2R.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-EPPLT.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-R5R9N.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-CPPIC.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-5IHAM.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-91VDT.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-DBGJC.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-IE7UD.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-G6P95.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-EL74B.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-V9E7A.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-QUAMI.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-AGCOG.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-MFS8H.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-TI4FS.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-SR4CK.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-LP55S.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\is-Q042M.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-QP1V5.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-EPU6H.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-VAK07.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-0SG7I.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-DVG3K.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-NL7MN.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-JLV0H.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-FE45C.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-VQ2C8.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-LKBCE.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-G038I.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-405Q8.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-C5KCH.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-P1PRU.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-BKS6A.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-U4VOR.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-L8VPB.tmp Jump to dropped file
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe File created: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-ILPSH.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-05DK1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-PL5GF.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-9F3I2.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-0O32B.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-O4TT6.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-VKA8L.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\Skins\is-B3CLK.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-CSG4M.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-H3Q3E.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-1KUPI.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-O4EEP.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-95VKA.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-51BGK.tmp Jump to dropped file
Source: C:\Windows\SysWOW64\wget.exe File created: C:\Users\user\Desktop\download\video_editor_x64.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-FG6LB.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe File created: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\plugins\is-CMQSS.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-T11L1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-7JSD1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-VQLEK.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-VHK7U.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-FMAB2.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-1DHV6.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-UR5C0.tmp Jump to dropped file
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe File created: C:\Windows\Temp\{9BCC3480-CDF5-4D98-B3FD-8A6800206E32}\.ba\wixstdba.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-9S1L5.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-7P8PE.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-LTK27.tmp Jump to dropped file
Source: C:\Users\user\Desktop\download\video_editor_x64.exe File created: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-32VOB.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-RJM7O.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\tools\is-DS9U1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\is-CL5VE.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\is-LLEGR.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\is-DDA4R.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\itdownload.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Windows\System32\is-CFMS7.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\Common Files\FlashIntegro\ActiveX\x32\RMBin\codecs\is-FELGD.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp File created: C:\Program Files\FlashIntegro\VideoEditor\Tools\is-I7CDN.tmp Jump to dropped file
Drops PE files to the application program directory (C:\ProgramData)
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe
Drops PE files to the windows directory (C:\Windows)

Hooking and other Techniques for Hiding and Protection:

Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00470AAC GetWindowLongW,IsIconic,IsWindowVisible,ShowWindow,SetWindowLongW,SetWindowLongW,ShowWindow,ShowWindow, 22_2_00470AAC
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004736F8 IsIconic,SetFocus,GetParent,SaveDC,RestoreDC,GetWindowDC,SaveDC,RestoreDC, 22_2_004736F8
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004629EC IsIconic,GetCapture, 22_2_004629EC
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00470A2C IsIconic, 22_2_00470A2C
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion:

Contains capabilities to detect virtual machines
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe File opened / queried: SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Contains functionality to detect sandboxes (mouse cursor move detection)
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetCurrentThreadId,GetCursorPos,WaitForSingleObject, 22_2_0047A500
Found dropped PE file which has not been started or loaded
Found evaded block containing many API calls
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Evaded block: after key decision
Found evasive API chain checking for process token information
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Check user administrative privileges: GetTokenInformation,DecisionNodes
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Check user administrative privileges: GetTokenInformation,DecisionNodes
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Check user administrative privileges: GetTokenInformation,DecisionNodes
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Check user administrative privileges: GetTokenInformation,DecisionNodes
Is looking for software installed on the system
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Registry key enumerated: More than 150 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Registry key enumerated: More than 152 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Registry key enumerated: More than 151 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Queries keyboard layouts
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\04090409
Uses the system / local time for branch decision (may execute only at specific dates)
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CBFDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 05h and CTI: je 00CBFE5Dh 27_2_00CBFDC2
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CBFDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 01h and CTI: je 00CBFE56h 27_2_00CBFDC2
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F5FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 05h and CTI: je 00F5FE5Dh 29_2_00F5FDC2
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F5FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 01h and CTI: je 00F5FE56h 29_2_00F5FDC2
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0018FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 05h and CTI: je 0018FE5Dh 32_2_0018FDC2
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0018FDC2 GetLocalTime followed by cmp: cmp dword ptr [ebp+08h], 01h and CTI: je 0018FE56h 32_2_0018FDC2
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_00405BEC GetModuleHandleW,GetProcAddress,lstrcpynW,lstrcpynW,lstrcpynW,FindFirstFileW,FindClose,lstrlenW,lstrcpynW,lstrlenW,lstrcpynW, 20_2_00405BEC
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004AD294 FindFirstFileW,GetLastError, 22_2_004AD294
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00408174 GetModuleHandleW,GetProcAddress,lstrcpynW,lstrcpynW,lstrcpynW,FindFirstFileW,FindClose,lstrlenW,lstrcpynW,lstrlenW,lstrcpynW, 22_2_00408174
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004C0BC0 SetErrorMode,FindFirstFileW,FindNextFileW,FindClose,SetErrorMode, 22_2_004C0BC0
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004C107C SetErrorMode,FindFirstFileW,FindNextFileW,FindClose,SetErrorMode, 22_2_004C107C
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C83BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 27_2_00C83BC3
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CC4315 FindFirstFileW,FindClose, 27_2_00CC4315
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C9993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 27_2_00C9993E
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CB7A87 FindFirstFileExW, 27_2_00CB7A87
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F3993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 29_2_00F3993E
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F23BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 29_2_00F23BC3
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F64315 FindFirstFileW,FindClose, 29_2_00F64315
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00194315 FindFirstFileW,FindClose, 32_2_00194315
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0016993E FindFirstFileW,lstrlenW,FindNextFileW,FindClose, 32_2_0016993E
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00153BC3 GetFileAttributesW,GetLastError,GetLastError,SetFileAttributesW,GetLastError,GetTempPathW,GetLastError,FindFirstFileW,GetLastError,SetFileAttributesW,DeleteFileW,GetTempFileNameW,MoveFileExW,MoveFileExW,MoveFileExW,FindNextFileW,GetLastError,GetLastError,GetLastError,GetLastError,RemoveDirectoryW,GetLastError,MoveFileExW,GetLastError,FindClose, 32_2_00153BC3
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00187A87 FindFirstFileExW, 32_2_00187A87
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_00406458 GetSystemInfo, 20_2_00406458
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\cab1.cab
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\NULL
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\NULL
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe File opened: C:\ProgramData\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\NULL
Source: video_editor_x64.exe, 00000014.00000002.651888982.00000000023C0000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.657074100.00000000029A0000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001B.00000002.599493680.0000000002F00000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001D.00000002.595145867.0000000002E00000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000020.00000002.590824327.0000000003550000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000025.00000002.589434841.0000000003470000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000026.00000002.616679838.00000000033C0000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000027.00000002.611705152.0000000002D70000.00000002.00000001.sdmp Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
Source: video_editor_x64.exe, 00000014.00000002.651888982.00000000023C0000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.657074100.00000000029A0000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001B.00000002.599493680.0000000002F00000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001D.00000002.595145867.0000000002E00000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000020.00000002.590824327.0000000003550000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000025.00000002.589434841.0000000003470000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000026.00000002.616679838.00000000033C0000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000027.00000002.611705152.0000000002D70000.00000002.00000001.sdmp Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
Source: video_editor_x64.exe, 00000014.00000002.651888982.00000000023C0000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.657074100.00000000029A0000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001B.00000002.599493680.0000000002F00000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001D.00000002.595145867.0000000002E00000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000020.00000002.590824327.0000000003550000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000025.00000002.589434841.0000000003470000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000026.00000002.616679838.00000000033C0000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000027.00000002.611705152.0000000002D70000.00000002.00000001.sdmp Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
Source: wget.exe, 00000002.00000002.340434297.00000000009F8000.00000004.00000020.sdmp Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: video_editor_x64.exe, 00000014.00000002.651888982.00000000023C0000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.657074100.00000000029A0000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001B.00000002.599493680.0000000002F00000.00000002.00000001.sdmp, vcredist_x64.exe, 0000001D.00000002.595145867.0000000002E00000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000020.00000002.590824327.0000000003550000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000025.00000002.589434841.0000000003470000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000026.00000002.616679838.00000000033C0000.00000002.00000001.sdmp, VC_redist.x64.exe, 00000027.00000002.611705152.0000000002D70000.00000002.00000001.sdmp Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service.
Source: C:\Users\user\Desktop\download\video_editor_x64.exe API call chain: ExitProcess graph end node
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe API call chain: ExitProcess graph end node
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe API call chain: ExitProcess graph end node
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe API call chain: ExitProcess graph end node
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Process information queried: ProcessInformation

Anti Debugging:

Contains functionality to check if a debugger is running (IsDebuggerPresent)
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CAE625 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 27_2_00CAE625
Contains functionality to dynamically determine API calls
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004A1A3C LoadLibraryExW,LoadLibraryW,GetProcAddress, 22_2_004A1A3C
Contains functionality to read the PEB
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CB4812 mov eax, dword ptr fs:[00000030h] 27_2_00CB4812
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F54812 mov eax, dword ptr fs:[00000030h] 29_2_00F54812
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00184812 mov eax, dword ptr fs:[00000030h] 32_2_00184812
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C838D4 GetProcessHeap,RtlAllocateHeap, 27_2_00C838D4
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CAE773 SetUnhandledExceptionFilter, 27_2_00CAE773
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CAE188 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 27_2_00CAE188
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CAE625 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 27_2_00CAE625
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CB3BB0 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 27_2_00CB3BB0
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F4E188 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 29_2_00F4E188
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Code function: 29_2_00F53BB0 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 29_2_00F53BB0
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0017E773 SetUnhandledExceptionFilter, 32_2_0017E773
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0017E188 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, 32_2_0017E188
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_0017E625 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 32_2_0017E625
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Code function: 32_2_00183BB0 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, 32_2_00183BB0

HIPS / PFW / Operating System Protection Evasion:

Contains functionality to launch a program with higher privileges
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004D8F68 ShellExecuteExW,GetLastError,MsgWaitForMultipleObjects,GetExitCodeProcess,CloseHandle, 22_2_004D8F68
Creates a process in suspended mode (likely to inject code)
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Process created: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe 'C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe' -burn.clean.room='C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe' -burn.filehandle.attached=580 -burn.filehandle.self=564 /install /passive /norestart
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Process created: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe 'C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe' -q -burn.elevated BurnPipe.{AEC565AB-0FED-47E7-88D9-B941D20CF512} {87809E35-81C0-47B4-86E7-066B690A99EC} 5088
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Process created: unknown unknown
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.clean.room='C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.filehandle.attached=600 -burn.filehandle.self=596 /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Source: unknown Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.clean.room='C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.filehandle.attached=600 -burn.filehandle.self=596 /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Process created: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe 'C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.clean.room='C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe' -burn.filehandle.attached=600 -burn.filehandle.self=596 /passive /norestart /burn.log.append 'C:\Users\user\AppData\Local\Temp\dd_vcredist_amd64_20201203102239.log' /install
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_00480E38 InitializeSecurityDescriptor,SetSecurityDescriptorDacl, 22_2_00480E38
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_0047FFEC AllocateAndInitializeSid,GetVersion,GetModuleHandleW,CheckTokenMembership,GetCurrentThread,OpenThreadToken,GetLastError,GetCurrentProcess,OpenProcessToken,GetTokenInformation,GetLastError,GetTokenInformation,EqualSid,CloseHandle,FreeSid, 22_2_0047FFEC
Source: video_editor_x64.exe, 00000014.00000002.650376524.0000000000E70000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.652288287.0000000000FE0000.00000002.00000001.sdmp Binary or memory string: Program Manager
Source: video_editor_x64.exe, 00000014.00000002.650376524.0000000000E70000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.652288287.0000000000FE0000.00000002.00000001.sdmp Binary or memory string: Shell_TrayWnd
Source: video_editor_x64.exe, 00000014.00000002.650376524.0000000000E70000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.652288287.0000000000FE0000.00000002.00000001.sdmp Binary or memory string: Progman
Source: video_editor_x64.exe, 00000014.00000002.650376524.0000000000E70000.00000002.00000001.sdmp, video_editor_x64.tmp, 00000016.00000002.652288287.0000000000FE0000.00000002.00000001.sdmp Binary or memory string: Progmanlock

Language, Device and Operating System Detection:

Contains functionality to query CPU information (cpuid)
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CAE9A7 cpuid 27_2_00CAE9A7
Contains functionality to query locales information (e.g. system language)
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: GetModuleFileNameW,RegOpenKeyExW,RegOpenKeyExW,RegOpenKeyExW,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,lstrcpynW,GetThreadLocale,GetLocaleInfoW,lstrlenW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW, 20_2_00405DE8
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: GetLocaleInfoW, 20_2_0040E640
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: GetLocaleInfoW, 20_2_00408EB4
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: GetLocaleInfoW, 20_2_00408F00
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: lstrcpynW,GetThreadLocale,GetLocaleInfoW,lstrlenW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW, 20_2_00405F23
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetModuleFileNameW,RegOpenKeyExW,RegOpenKeyExW,RegOpenKeyExW,RegOpenKeyExW,RegQueryValueExW,RegQueryValueExW,RegCloseKey,lstrcpynW,GetThreadLocale,GetLocaleInfoW,lstrlenW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW, 22_2_00408370
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: lstrcpynW,GetThreadLocale,GetLocaleInfoW,lstrlenW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW,lstrcpynW,LoadLibraryExW, 22_2_004084AB
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetLocaleInfoW, 22_2_004B0DAC
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetLocaleInfoW, 22_2_00410FC0
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetLocaleInfoW, 22_2_00410FBE
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: GetLocaleInfoW, 22_2_0041100C
Queries the volume information (name, serial number etc) of a device
Source: C:\Windows\SysWOW64\wget.exe Queries volume information: C:\Users\user\Desktop\download VolumeInformation
Source: C:\Windows\Temp\{B430B43B-6E75-4804-BCFD-37DBF80ECCF7}\.cr\vcredist_x64.exe Queries volume information: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.ba\logo.png VolumeInformation
Source: C:\ProgramData\Package Cache\{40d3fee2-b257-46c2-bdc0-cb1088d97327}\VC_redist.x64.exe Queries volume information: C:\Windows\Temp\{9BCC3480-CDF5-4D98-B3FD-8A6800206E32}\.ba\logo.png VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C94CE8 ConvertStringSecurityDescriptorToSecurityDescriptorW,GetLastError,CreateNamedPipeW,GetLastError,CreateNamedPipeW,GetLastError,CloseHandle,LocalFree, 27_2_00C94CE8
Source: C:\Users\user\AppData\Local\Temp\is-M4I27.tmp\video_editor_x64.tmp Code function: 22_2_004B2868 GetSystemTimeAsFileTime,FileTimeToSystemTime, 22_2_004B2868
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00C860BA GetUserNameW,GetLastError, 27_2_00C860BA
Source: C:\Users\user\AppData\Local\Temp\is-9NTLG.tmp\vcredist_x64.exe Code function: 27_2_00CC8733 GetTimeZoneInformation,SystemTimeToTzSpecificLocalTime, 27_2_00CC8733
Source: C:\Users\user\Desktop\download\video_editor_x64.exe Code function: 20_2_004110C4 GetModuleHandleW,GetVersion,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,SetProcessDEPPolicy, 20_2_004110C4
Source: C:\Windows\Temp\{CEE95A1C-E22B-4560-8B03-72FA4E103FF8}\.be\VC_redist.x64.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

[Behavior Graph: ID 326343, URL: http://www.videosoftdev.com..., Startdate: 03/12/2020, Architecture: WINDOWS, Score: 19]

Contacted Public IPs

IP | Domain | Country | ASN | ASN Name | Malicious
8.8.8.8 | unknown | United States | 15169 | GOOGLEUS | false
198.251.66.75 | unknown | United States | 8560 | ONEANDONE-ASBrauerstrasse48DE | false