Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: http://127.0.0.1:HTTP/1.1 |
Source: Import shipment.exe, 00000004.00000002.597628700.00000000030A9000.00000004.00000001.sdmp, Import shipment.exe, 00000004.00000002.597917956.0000000003132000.00000004.00000001.sdmp |
String found in binary or memory: http://6LRWb2WTxgUtmmS44W.org |
Source: Import shipment.exe, 00000004.00000002.597628700.00000000030A9000.00000004.00000001.sdmp |
String found in binary or memory: http://6LRWb2WTxgUtmmS44W.org/ |
Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: http://DynDns.comDynDNS |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: Import shipment.exe, 00000004.00000002.602307313.0000000006DC0000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0# |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: http://ocsp.comodoca.com0 |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: http://ocsp.sectigo.com0- |
Source: Import shipment.exe, 00000004.00000002.602307313.0000000006DC0000.00000004.00000001.sdmp |
String found in binary or memory: http://ocsp.us_ |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: http://server126.web-hosting.com |
Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: http://ycagAe.com |
Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: https://api.ipify.org% |
Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: https://api.ipify.org%GETMozilla/5.0 |
Source: Import shipment.exe, 00000004.00000002.597989848.0000000003145000.00000004.00000001.sdmp |
String found in binary or memory: https://sectigo.com/CPS0 |
Source: Import shipment.exe, 00000004.00000002.594372140.0000000000402000.00000040.00000001.sdmp |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip |
Source: Import shipment.exe, 00000004.00000002.596645917.0000000002DA1000.00000004.00000001.sdmp |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_00C2929D |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_0162C164 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_0162E5A0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_0162E5B0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_00C29BE6 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_00A4929D |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_010E20E8 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_010F68D0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_010F5B70 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_0117A400 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_0117DA58 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_01171358 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_0117AF00 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A7D88 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A95E8 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A0842 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A9CF8 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A4B90 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011AAEA0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A55F0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011A54F2 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011AF0E0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_011ACFC0 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_00A49BE6 |
Source: Import shipment.exe, 00000001.00000002.343031540.0000000006151000.00000004.00000001.sdmp |
Binary or memory string: OriginalFilenameMajorRevision.exe< vs Import shipment.exe |
Source: Import shipment.exe, 00000001.00000002.343031540.0000000006151000.00000004.00000001.sdmp |
Binary or memory string: OriginalFilenameQyFaLfbUzQfTIkIbuCUUMRJDQpUQZYaMcbZv.exe4 vs Import shipment.exe |
Source: Import shipment.exe, 00000001.00000000.324852007.0000000000CC4000.00000002.00020000.sdmp |
Binary or memory string: OriginalFilenamer/ vs Import shipment.exe |
Source: Import shipment.exe, 00000001.00000002.337995716.0000000002F61000.00000004.00000001.sdmp |
Binary or memory string: OriginalFilenameMetroFramework.dll> vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.594801494.0000000000EF8000.00000004.00000001.sdmp |
Binary or memory string: OriginalFilenameUNKNOWN_FILET vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.596263207.0000000001370000.00000002.00000001.sdmp |
Binary or memory string: OriginalFilenamemscorrc.dllT vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.594702941.0000000000AE4000.00000002.00020000.sdmp |
Binary or memory string: OriginalFilenamer/ vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.596040784.00000000011FA000.00000004.00000020.sdmp |
Binary or memory string: OriginalFilenameclr.dllT vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.601626006.0000000005F80000.00000002.00000001.sdmp |
Binary or memory string: OriginalFilenameKernelbase.dll.muij% vs Import shipment.exe |
Source: Import shipment.exe, 00000004.00000002.594372140.0000000000402000.00000040.00000001.sdmp |
Binary or memory string: OriginalFilenameQyFaLfbUzQfTIkIbuCUUMRJDQpUQZYaMcbZv.exe4 vs Import shipment.exe |
Source: Import shipment.exe |
Binary or memory string: OriginalFilenamer/ vs Import shipment.exe |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_00C2B297 push cs; iretd |
1_2_00C2B29A |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_00C2B021 push cs; iretd |
1_2_00C2B024 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 1_2_00C2B02F push cs; iretd |
1_2_00C2B032 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_3_012D7D01 push edx; retf |
4_3_012D7D09 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_00A4B021 push cs; iretd |
4_2_00A4B024 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_00A4B02F push cs; iretd |
4_2_00A4B032 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_00A4B297 push cs; iretd |
4_2_00A4B29A |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_010FB5B7 push edi; retn 0000h |
4_2_010FB5B9 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Code function: 4_2_010FD420 push ecx; retf |
4_2_010FD421 |
Source: C:\Users\user\Desktop\Import shipment.exe |
Process information set: NOOPENFILEERRORBOX |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: VMware SVGA IIOData Source=localhost\sqlexpress;Initial Catalog=dbSMS;Integrated Security=True |
Source: Import shipment.exe, 00000004.00000002.601626006.0000000005F80000.00000002.00000001.sdmp |
Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed. |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: vmware |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\ |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: SOFTWARE\VMware, Inc.\VMware Tools |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: VMWARE |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\ |
Source: Import shipment.exe, 00000004.00000002.601626006.0000000005F80000.00000002.00000001.sdmp |
Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service. |
Source: Import shipment.exe, 00000004.00000003.569143950.00000000012A9000.00000004.00000001.sdmp |
Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll= |
Source: Import shipment.exe, 00000004.00000002.601626006.0000000005F80000.00000002.00000001.sdmp |
Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported. |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: VMware SVGA II |
Source: Import shipment.exe, 00000001.00000002.343721953.0000000006588000.00000004.00000001.sdmp |
Binary or memory string: vmwareNSYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 |
Source: Import shipment.exe, 00000004.00000002.601626006.0000000005F80000.00000002.00000001.sdmp |
Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service. |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Users\user\Desktop\Import shipment.exe VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Users\user\Desktop\Import shipment.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation |