Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 1_2_01686C71 | 1_2_01686C71 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 1_2_01684FA0 | 1_2_01684FA0 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 1_2_0168B980 | 1_2_0168B980 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 1_2_0168B990 | 1_2_0168B990 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 2_2_07547EA0 | 2_2_07547EA0 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 2_2_07547EA0 | 2_2_07547EA0 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D07880 | 5_2_00D07880 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D05010 | 5_2_00D05010 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D05E40 | 5_2_00D05E40 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D09F3A | 5_2_00D09F3A |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D031E0 | 5_2_00D031E0 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D00460 | 5_2_00D00460 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D1D578 | 5_2_00D1D578 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D1317E | 5_2_00D1317E |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D1EA08 | 5_2_00D1EA08 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D11FE0 | 5_2_00D11FE0 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D12768 | 5_2_00D12768 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_00D1BAB0 | 5_2_00D1BAB0 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011D5840 | 5_2_011D5840 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011DBAC8 | 5_2_011DBAC8 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011D6F60 | 5_2_011D6F60 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011F35C8 | 5_2_011F35C8 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011F0040 | 5_2_011F0040 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011F4355 | 5_2_011F4355 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011F7A40 | 5_2_011F7A40 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011FAD00 | 5_2_011FAD00 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011FED38 | 5_2_011FED38 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011FADE1 | 5_2_011FADE1 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_011F0E68 | 5_2_011F0E68 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_05134772 | 5_2_05134772 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_05133EA8 | 5_2_05133EA8 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_05134827 | 5_2_05134827 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Code function: 5_2_05133D4F | 5_2_05133D4F |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 10_2_02A74FB0 | 10_2_02A74FB0 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 10_2_02A76C80 | 10_2_02A76C80 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 10_2_02A7B980 | 10_2_02A7B980 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 10_2_02A7B990 | 10_2_02A7B990 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_04C6D138 | 15_2_04C6D138 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_04C6D1C3 | 15_2_04C6D1C3 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_07F04AB8 | 15_2_07F04AB8 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_07F0AF18 | 15_2_07F0AF18 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_07F0AF07 | 15_2_07F0AF07 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_07F04AA9 | 15_2_07F04AA9 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08049AD8 | 15_2_08049AD8 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_080450C8 | 15_2_080450C8 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_0804C4A0 | 15_2_0804C4A0 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_0804AAD8 | 15_2_0804AAD8 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08046B30 | 15_2_08046B30 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_080450BA | 15_2_080450BA |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_0804C4A0 | 15_2_0804C4A0 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08078AD0 | 15_2_08078AD0 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08078AD0 | 15_2_08078AD0 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08070006 | 15_2_08070006 |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Code function: 15_2_08070040 | 15_2_08070040 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA4750 | 20_2_02CA4750 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA3D2C | 20_2_02CA3D2C |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA81B9 | 20_2_02CA81B9 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA4827 | 20_2_02CA4827 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA54D2 | 20_2_02CA54D2 |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Code function: 20_2_02CA3D20 | 20_2_02CA3D20 |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Users\user\Desktop\NKPhba0VZI.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Users\user\Desktop\NKPhba0VZI.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\NKPhba0VZI.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\ VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Drivers.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation | Jump to behavior |