Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt0 |
Source: TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: http://checkip.dyndns.org |
Source: TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: http://checkip.dyndns.org/ |
Source: TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: http://checkip.dyndns.org/HB |
Source: TNT eInvoice.exe, 00000003.00000002.495152887.00000000013D0000.00000004.00000020.sdmp | String found in binary or memory: http://crl3.digicert.com/Cloudfl |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: http://crl3.digicert.com/CloudflareIncECCCA-3.crl07 |
Source: TNT eInvoice.exe, 00000003.00000002.495264713.000000000140C000.00000004.00000020.sdmp | String found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0m |
Source: TNT eInvoice.exe, 00000003.00000002.495152887.00000000013D0000.00000004.00000020.sdmp | String found in binary or memory: http://crl3.digicert.com/Omniroot20L |
Source: TNT eInvoice.exe, 00000003.00000002.495152887.00000000013D0000.00000004.00000020.sdmp | String found in binary or memory: http://crl4.digicert.com/CloudflareIncECCCA-3.c |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: http://crl4.digicert.com/CloudflareIncECCCA-3.crl0L |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: http://ocsp.digicert.com0 |
Source: TNT eInvoice.exe, 00000003.00000002.495264713.000000000140C000.00000004.00000020.sdmp | String found in binary or memory: http://ocsp.digicert.com0: |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp, TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: https://api.telegram.org/bot/sendMessage?chat_id=&text=Createutf-8 |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: https://freegeoip.app |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: https://freegeoip.app/xml/ |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: https://freegeoip.app/xml/84.17.52.78 |
Source: TNT eInvoice.exe, 00000003.00000002.495644136.0000000003001000.00000004.00000001.sdmp | String found in binary or memory: https://freegeoip.app/xml/LoadCountryNameClipboard |
Source: TNT eInvoice.exe, 00000003.00000002.495973738.0000000003069000.00000004.00000001.sdmp, TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css |
Source: TNT eInvoice.exe, 00000003.00000002.495152887.00000000013D0000.00000004.00000020.sdmp | String found in binary or memory: https://www.digicert.com/C |
Source: TNT eInvoice.exe, 00000003.00000002.495864254.000000000304B000.00000004.00000001.sdmp | String found in binary or memory: https://www.digicert.com/CPS0 |
Source: TNT eInvoice.exe, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 0.2.TNT eInvoice.exe.f0000.0.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 0.0.TNT eInvoice.exe.f0000.0.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 1.2.TNT eInvoice.exe.2a0000.0.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 1.0.TNT eInvoice.exe.2a0000.0.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 3.0.TNT eInvoice.exe.c10000.0.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: 3.2.TNT eInvoice.exe.c10000.1.unpack, Health_Point_Game/FormatterTypeStyle.cs | Long String: Length: 14776 |
Source: TNT eInvoice.exe | Binary or memory string: OriginalFilename vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | Binary or memory string: OriginalFilename8MC0UDR6.exe4 vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000000.00000002.237044575.0000000005501000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameAsyncState.dllF vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000000.00000002.237907630.000000000DAB0000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameLegacyPathHandling.dllN vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000003.00000002.492445341.0000000000466000.00000040.00000001.sdmp | Binary or memory string: OriginalFilename8MC0UDR6.exe4 vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000003.00000002.494362718.00000000011D0000.00000002.00000001.sdmp | Binary or memory string: OriginalFilenameCRYPT32.DLL.MUIj% vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, 00000003.00000002.493073866.00000000010F6000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameUNKNOWN_FILET vs TNT eInvoice.exe |
Source: TNT eInvoice.exe | Binary or memory string: OriginalFilenameStreamingContextStates.exe: vs TNT eInvoice.exe |
Source: TNT eInvoice.exe, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 0.2.TNT eInvoice.exe.f0000.0.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 0.0.TNT eInvoice.exe.f0000.0.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 1.2.TNT eInvoice.exe.2a0000.0.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 1.0.TNT eInvoice.exe.2a0000.0.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 3.0.TNT eInvoice.exe.c10000.0.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: 3.2.TNT eInvoice.exe.c10000.1.unpack, Health_Point_Game/FallbackBuffer.cs | .Net Code: WSTRBufferMarshaler System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) |
Source: Yara match | File source: 00000003.00000002.491721334.0000000000402000.00000040.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000000.00000002.233109671.0000000003519000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: Process Memory Space: TNT eInvoice.exe PID: 6444, type: MEMORY |
Source: Yara match | File source: Process Memory Space: TNT eInvoice.exe PID: 6332, type: MEMORY |
Source: Yara match | File source: 0.2.TNT eInvoice.exe.3940fd0.1.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 3.2.TNT eInvoice.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 0.2.TNT eInvoice.exe.378c720.2.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 0.2.TNT eInvoice.exe.3701500.3.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 0.2.TNT eInvoice.exe.3940fd0.1.raw.unpack, type: UNPACKEDPE |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | Binary or memory string: InstallPathJC:\PROGRAM FILES\VMWARE\VMWARE TOOLS\ |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | Binary or memory string: vmware |
Source: TNT eInvoice.exe, 00000003.00000002.495152887.00000000013D0000.00000004.00000020.sdmp | Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllk |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | Binary or memory string: VMware SVGA II |
Source: TNT eInvoice.exe, 00000000.00000002.232843003.0000000002511000.00000004.00000001.sdmp | Binary or memory string: VMWAREDSOFTWARE\VMware, Inc.\VMware Tools |
Source: TNT eInvoice.exe, 00000003.00000002.495369500.00000000019D0000.00000002.00000001.sdmp | Binary or memory string: Shell_TrayWnd |
Source: TNT eInvoice.exe, 00000003.00000002.495369500.00000000019D0000.00000002.00000001.sdmp | Binary or memory string: Progman |
Source: TNT eInvoice.exe, 00000003.00000002.495369500.00000000019D0000.00000002.00000001.sdmp | Binary or memory string: SProgram Managerl |
Source: TNT eInvoice.exe, 00000003.00000002.495369500.00000000019D0000.00000002.00000001.sdmp | Binary or memory string: Shell_TrayWnd, |
Source: TNT eInvoice.exe, 00000003.00000002.495369500.00000000019D0000.00000002.00000001.sdmp | Binary or memory string: Progmanlock |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Users\user\Desktop\TNT eInvoice.exe VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll VolumeInformation | Jump to behavior |
Source: C:\Users\user\Desktop\TNT eInvoice.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation | Jump to behavior |