Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: http://127.0.0.1:HTTP/1.1 |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: http://DynDns.comDynDNS |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: http://qdovFN.com |
Source: tLes2JdtRw.exe, 00000000.00000002.655983993.0000000002BE1000.00000004.00000001.sdmp | String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: tLes2JdtRw.exe, 00000003.00000002.908788243.000000000347D000.00000004.00000001.sdmp | String found in binary or memory: http://smtp.kaeiser.com |
Source: tLes2JdtRw.exe, 00000003.00000002.908788243.000000000347D000.00000004.00000001.sdmp | String found in binary or memory: http://us2.smtp.mailhostbox.com |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp, tLes2JdtRw.exe, 00000003.00000002.908718423.000000000342C000.00000004.00000001.sdmp, tLes2JdtRw.exe, 00000003.00000002.908802618.0000000003487000.00000004.00000001.sdmp, tLes2JdtRw.exe, 00000003.00000002.908815420.000000000348C000.00000004.00000001.sdmp | String found in binary or memory: http://vn95dHBD7e.net |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: http://vn95dHBD7e.net4 |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: https://api.ipify.org% |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: https://api.ipify.org%GETMozilla/5.0 |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css |
Source: tLes2JdtRw.exe, 00000000.00000002.657948952.0000000003BE9000.00000004.00000001.sdmp, tLes2JdtRw.exe, 00000003.00000002.906500988.0000000000402000.00000040.00000001.sdmp | String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip |
Source: tLes2JdtRw.exe, 00000003.00000002.908393469.0000000003121000.00000004.00000001.sdmp | String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E41DF |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E6A49 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E417E |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E419E |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E39B8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E0006 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E0040 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E20D8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E20C8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E3BB8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E3BA8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E1538 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E1548 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E3F97 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_011E3FA8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_02B7C2B0 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 0_2_02B799D8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_01175520 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_0117B838 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_011767C0 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014AB120 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014A0818 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014A0C58 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014A6F88 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014A35A0 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014A9738 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014AE7E8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014C2D50 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014CB460 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014C2768 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014CAB20 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014C1FF0 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014CDEA8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_014C9DB8 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_015746A0 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_01575371 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_015735C4 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Code function: 3_2_015745B0 |
Source: tLes2JdtRw.exe, 00000000.00000000.641516490.0000000000852000.00000002.00020000.sdmp | Binary or memory string: OriginalFilenameBindableVectorToListAdapter.exeP vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameSimpleUI.dll( vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000000.00000002.655983993.0000000002BE1000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameUPUUHYtnpTKoXtyRejHoSmyBkdQcDqfWz.exe4 vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000000.00000002.660476002.0000000005EF0000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameDSASignature.dll@ vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000000.653585012.0000000000D02000.00000002.00020000.sdmp | Binary or memory string: OriginalFilenameBindableVectorToListAdapter.exeP vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.907690197.00000000014F0000.00000002.00000001.sdmp | Binary or memory string: OriginalFilenamemscorrc.dllT vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.906500988.0000000000402000.00000040.00000001.sdmp | Binary or memory string: OriginalFilenameUPUUHYtnpTKoXtyRejHoSmyBkdQcDqfWz.exe4 vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.907418762.0000000001379000.00000004.00000020.sdmp | Binary or memory string: OriginalFilenameclr.dllT vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.907733763.0000000001560000.00000002.00000001.sdmp | Binary or memory string: OriginalFilenamewshom.ocx.mui vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.906774932.00000000010F8000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameUNKNOWN_FILET vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000003.00000002.907644228.00000000014B0000.00000002.00000001.sdmp | Binary or memory string: OriginalFilenamewshom.ocx vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe | Binary or memory string: OriginalFilenameBindableVectorToListAdapter.exeP vs tLes2JdtRw.exe |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Select * from Clientes WHERE id=@id;; |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Select * from Aluguel Erro ao listar Banco sql-Aluguel.INSERT INTO Aluguel VALUES(@clienteID, @data); |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Select * from SecurityLogonType WHERE id=@id; |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Select * from SecurityLogonType WHERE modelo=@modelo; |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: INSERT INTO Itens_Aluguel VALUES(@aluguelID, @aviaoID, @validade); |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Insert into Clientes values (@nome, @cpf, @rg, @cidade, @endereco, @uf, @telefone); |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: INSERT INTO Aluguel VALUES(@clienteID, @data); |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: INSERT INTO SecurityLogonType VALUES(@modelo, @fabricante, @ano, @cor); |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: Select * from SecurityLogonType*Erro ao listar Banco sql-SecurityLogonType,Select * from SecurityLogonType WHERE id=@id;Select * from SecurityLogonType WHERE (modelo LIKE @modelo) |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Process information set: NOOPENFILEERRORBOX |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: vmware |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\ |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: SOFTWARE\VMware, Inc.\VMware Tools |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: VMware SVGA II!Add-MpPreference -ExclusionPath " |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: VMWARE |
Source: tLes2JdtRw.exe, 00000003.00000002.907501327.00000000013EA000.00000004.00000020.sdmp | Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll6/ |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: InstallPath%C:\PROGRAM FILES\VMWARE\VMWARE TOOLS\ |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: VMWARE"SOFTWARE\VMware, Inc.\VMware ToolsLHARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0LHARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0'SYSTEM\ControlSet001\Services\Disk\Enum |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: VMware SVGA II |
Source: tLes2JdtRw.exe, 00000000.00000002.656178946.0000000002C25000.00000004.00000001.sdmp | Binary or memory string: vmwareNSYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Users\user\Desktop\tLes2JdtRw.exe VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Users\user\Desktop\tLes2JdtRw.exe VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Source: C:\Users\user\Desktop\tLes2JdtRw.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |