| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9AFE NtMapViewOfSection, |
0_2_020A9AFE |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0BF8 NtWriteVirtualMemory,TerminateProcess, |
0_2_020A0BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A86C3 NtWriteVirtualMemory, |
0_2_020A86C3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0703 EnumWindows,NtWriteVirtualMemory, |
0_2_020A0703 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5F4C NtAllocateVirtualMemory, |
0_2_020A5F4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A95F4 NtProtectVirtualMemory, |
0_2_020A95F4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5224 NtWriteVirtualMemory, |
0_2_020A5224 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A52C4 NtWriteVirtualMemory, |
0_2_020A52C4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4AE1 NtWriteVirtualMemory, |
0_2_020A4AE1 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5310 NtWriteVirtualMemory, |
0_2_020A5310 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B14 NtMapViewOfSection, |
0_2_020A9B14 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B30 NtMapViewOfSection, |
0_2_020A9B30 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B58 NtMapViewOfSection, |
0_2_020A9B58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4B5F NtWriteVirtualMemory, |
0_2_020A4B5F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B54 NtMapViewOfSection, |
0_2_020A9B54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B76 NtMapViewOfSection, |
0_2_020A9B76 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A538C NtWriteVirtualMemory, |
0_2_020A538C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9BB0 NtMapViewOfSection, |
0_2_020A9BB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4BB4 NtWriteVirtualMemory, |
0_2_020A4BB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A53E8 NtWriteVirtualMemory, |
0_2_020A53E8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9BE0 NtMapViewOfSection, |
0_2_020A9BE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5003 NtWriteVirtualMemory, |
0_2_020A5003 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A601C NtAllocateVirtualMemory, |
0_2_020A601C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4834 NtWriteVirtualMemory, |
0_2_020A4834 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6074 NtAllocateVirtualMemory, |
0_2_020A6074 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A508A NtWriteVirtualMemory, |
0_2_020A508A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4880 NtWriteVirtualMemory, |
0_2_020A4880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A50C0 NtWriteVirtualMemory, |
0_2_020A50C0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A60F4 NtAllocateVirtualMemory, |
0_2_020A60F4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4907 NtWriteVirtualMemory, |
0_2_020A4907 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5110 NtWriteVirtualMemory, |
0_2_020A5110 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6138 NtAllocateVirtualMemory, |
0_2_020A6138 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5168 NtWriteVirtualMemory, |
0_2_020A5168 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4970 NtWriteVirtualMemory, |
0_2_020A4970 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A51B0 NtWriteVirtualMemory, |
0_2_020A51B0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A49FC NtWriteVirtualMemory, |
0_2_020A49FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4E38 NtWriteVirtualMemory, |
0_2_020A4E38 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A463C NtWriteVirtualMemory, |
0_2_020A463C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9E6C NtMapViewOfSection, |
0_2_020A9E6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4E78 NtWriteVirtualMemory, |
0_2_020A4E78 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4698 NtWriteVirtualMemory, |
0_2_020A4698 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4EA7 NtWriteVirtualMemory, |
0_2_020A4EA7 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4ED0 NtWriteVirtualMemory, |
0_2_020A4ED0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A46E0 NtWriteVirtualMemory, |
0_2_020A46E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F2C NtWriteVirtualMemory, |
0_2_020A4F2C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8726 NtWriteVirtualMemory, |
0_2_020A8726 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A473C NtWriteVirtualMemory, |
0_2_020A473C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F55 NtWriteVirtualMemory, |
0_2_020A4F55 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F79 NtWriteVirtualMemory, |
0_2_020A4F79 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5F80 NtAllocateVirtualMemory, |
0_2_020A5F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4FAC NtWriteVirtualMemory, |
0_2_020A4FAC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A47DA NtWriteVirtualMemory, |
0_2_020A47DA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C08 NtMapViewOfSection, |
0_2_020A9C08 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C18 NtMapViewOfSection, |
0_2_020A9C18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4C44 NtWriteVirtualMemory, |
0_2_020A4C44 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C50 NtMapViewOfSection, |
0_2_020A9C50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C6C NtMapViewOfSection, |
0_2_020A9C6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1C7E NtWriteVirtualMemory, |
0_2_020A1C7E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C88 NtMapViewOfSection, |
0_2_020A9C88 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C98 NtMapViewOfSection, |
0_2_020A9C98 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4CA4 NtWriteVirtualMemory, |
0_2_020A4CA4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CB4 NtMapViewOfSection, |
0_2_020A9CB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CDC NtMapViewOfSection, |
0_2_020A9CDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A44FF NtWriteVirtualMemory, |
0_2_020A44FF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CFC NtMapViewOfSection, |
0_2_020A9CFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5510 NtWriteVirtualMemory, |
0_2_020A5510 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9D20 NtMapViewOfSection, |
0_2_020A9D20 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4D36 NtWriteVirtualMemory, |
0_2_020A4D36 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4554 NtWriteVirtualMemory, |
0_2_020A4554 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4D90 NtWriteVirtualMemory, |
0_2_020A4D90 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A95AF NtProtectVirtualMemory, |
0_2_020A95AF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8DBB NtWriteVirtualMemory, |
0_2_020A8DBB |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9DBC NtMapViewOfSection, |
0_2_020A9DBC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4DD4 NtWriteVirtualMemory, |
0_2_020A4DD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A45F2 NtWriteVirtualMemory, |
0_2_020A45F2 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569AFE NtQueryInformationProcess, |
7_2_00569AFE |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560BF8 NtProtectVirtualMemory, |
7_2_00560BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005695F4 NtProtectVirtualMemory, |
7_2_005695F4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565F4C NtAllocateVirtualMemory, |
7_2_00565F4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566074 NtAllocateVirtualMemory, |
7_2_00566074 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056601C NtAllocateVirtualMemory, |
7_2_0056601C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005660F4 NtAllocateVirtualMemory, |
7_2_005660F4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566138 NtAllocateVirtualMemory, |
7_2_00566138 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B54 NtQueryInformationProcess, |
7_2_00569B54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B58 NtQueryInformationProcess, |
7_2_00569B58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B76 NtQueryInformationProcess, |
7_2_00569B76 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B14 NtQueryInformationProcess, |
7_2_00569B14 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B30 NtQueryInformationProcess, |
7_2_00569B30 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569BE0 NtQueryInformationProcess, |
7_2_00569BE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569BB0 NtQueryInformationProcess, |
7_2_00569BB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C50 NtQueryInformationProcess, |
7_2_00569C50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C6C NtQueryInformationProcess, |
7_2_00569C6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C18 NtQueryInformationProcess, |
7_2_00569C18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C08 NtQueryInformationProcess, |
7_2_00569C08 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CDC NtQueryInformationProcess, |
7_2_00569CDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CFC NtQueryInformationProcess, |
7_2_00569CFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C98 NtQueryInformationProcess, |
7_2_00569C98 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C88 NtQueryInformationProcess, |
7_2_00569C88 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CB4 NtQueryInformationProcess, |
7_2_00569CB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569D20 NtQueryInformationProcess, |
7_2_00569D20 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056158E NtProtectVirtualMemory, |
7_2_0056158E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005615BC NtProtectVirtualMemory, |
7_2_005615BC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569DBC NtQueryInformationProcess, |
7_2_00569DBC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005695AF NtProtectVirtualMemory, |
7_2_005695AF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561670 NtProtectVirtualMemory, |
7_2_00561670 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569E6C NtQueryInformationProcess, |
7_2_00569E6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561604 NtProtectVirtualMemory, |
7_2_00561604 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565F80 NtAllocateVirtualMemory, |
7_2_00565F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9AFE NtResumeThread, |
15_2_021F9AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0BF8 NtWriteVirtualMemory,TerminateProcess, |
15_2_021F0BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F86C3 NtWriteVirtualMemory, |
15_2_021F86C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0703 EnumWindows,NtWriteVirtualMemory, |
15_2_021F0703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5F4C NtAllocateVirtualMemory, |
15_2_021F5F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F95F4 NtProtectVirtualMemory, |
15_2_021F95F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5224 NtWriteVirtualMemory, |
15_2_021F5224 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F52C4 NtWriteVirtualMemory, |
15_2_021F52C4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4AE1 NtWriteVirtualMemory, |
15_2_021F4AE1 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B14 NtResumeThread, |
15_2_021F9B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5310 NtWriteVirtualMemory, |
15_2_021F5310 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B30 NtResumeThread, |
15_2_021F9B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4B5F NtWriteVirtualMemory, |
15_2_021F4B5F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B58 NtResumeThread, |
15_2_021F9B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B54 NtResumeThread, |
15_2_021F9B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B76 NtResumeThread, |
15_2_021F9B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F538C NtWriteVirtualMemory, |
15_2_021F538C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4BB4 NtWriteVirtualMemory, |
15_2_021F4BB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9BB0 NtResumeThread, |
15_2_021F9BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F53E8 NtWriteVirtualMemory, |
15_2_021F53E8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9BE0 NtResumeThread, |
15_2_021F9BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F601C NtAllocateVirtualMemory, |
15_2_021F601C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5003 NtWriteVirtualMemory, |
15_2_021F5003 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4834 NtWriteVirtualMemory, |
15_2_021F4834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6074 NtAllocateVirtualMemory, |
15_2_021F6074 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F508A NtWriteVirtualMemory, |
15_2_021F508A |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4880 NtWriteVirtualMemory, |
15_2_021F4880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F50C0 NtWriteVirtualMemory, |
15_2_021F50C0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F60F4 NtAllocateVirtualMemory, |
15_2_021F60F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5110 NtWriteVirtualMemory, |
15_2_021F5110 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4907 NtWriteVirtualMemory, |
15_2_021F4907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6138 NtAllocateVirtualMemory, |
15_2_021F6138 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4970 NtWriteVirtualMemory, |
15_2_021F4970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5168 NtWriteVirtualMemory, |
15_2_021F5168 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F51B0 NtWriteVirtualMemory, |
15_2_021F51B0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F49FC NtWriteVirtualMemory, |
15_2_021F49FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F463C NtWriteVirtualMemory, |
15_2_021F463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4E38 NtWriteVirtualMemory, |
15_2_021F4E38 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4E78 NtWriteVirtualMemory, |
15_2_021F4E78 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9E6C NtResumeThread, |
15_2_021F9E6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4698 NtWriteVirtualMemory, |
15_2_021F4698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4EA7 NtWriteVirtualMemory, |
15_2_021F4EA7 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4ED0 NtWriteVirtualMemory, |
15_2_021F4ED0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F46E0 NtWriteVirtualMemory, |
15_2_021F46E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F473C NtWriteVirtualMemory, |
15_2_021F473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F2C NtWriteVirtualMemory, |
15_2_021F4F2C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8726 NtWriteVirtualMemory, |
15_2_021F8726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F55 NtWriteVirtualMemory, |
15_2_021F4F55 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F79 NtWriteVirtualMemory, |
15_2_021F4F79 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5F80 NtAllocateVirtualMemory, |
15_2_021F5F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4FAC NtWriteVirtualMemory, |
15_2_021F4FAC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F47DA NtWriteVirtualMemory, |
15_2_021F47DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C18 NtResumeThread, |
15_2_021F9C18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C08 NtResumeThread, |
15_2_021F9C08 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C50 NtResumeThread, |
15_2_021F9C50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4C44 NtWriteVirtualMemory, |
15_2_021F4C44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1C7E NtWriteVirtualMemory, |
15_2_021F1C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C6C NtResumeThread, |
15_2_021F9C6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C98 NtResumeThread, |
15_2_021F9C98 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C88 NtResumeThread, |
15_2_021F9C88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CB4 NtResumeThread, |
15_2_021F9CB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4CA4 NtWriteVirtualMemory, |
15_2_021F4CA4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CDC NtResumeThread, |
15_2_021F9CDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F44FF NtWriteVirtualMemory, |
15_2_021F44FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CFC NtResumeThread, |
15_2_021F9CFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5510 NtWriteVirtualMemory, |
15_2_021F5510 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4D36 NtWriteVirtualMemory, |
15_2_021F4D36 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9D20 NtResumeThread, |
15_2_021F9D20 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4554 NtWriteVirtualMemory, |
15_2_021F4554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4D90 NtWriteVirtualMemory, |
15_2_021F4D90 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9DBC NtResumeThread, |
15_2_021F9DBC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8DBB NtWriteVirtualMemory, |
15_2_021F8DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F95AF NtProtectVirtualMemory, |
15_2_021F95AF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4DD4 NtWriteVirtualMemory, |
15_2_021F4DD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F45F2 NtWriteVirtualMemory, |
15_2_021F45F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49AFE NtSetInformationThread, |
16_2_02B49AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40BF8 NtWriteVirtualMemory,TerminateProcess, |
16_2_02B40BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B486C3 NtWriteVirtualMemory, |
16_2_02B486C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40703 EnumWindows,NtWriteVirtualMemory, |
16_2_02B40703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45F4C NtAllocateVirtualMemory, |
16_2_02B45F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B495F4 NtProtectVirtualMemory, |
16_2_02B495F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44AE1 NtWriteVirtualMemory, |
16_2_02B44AE1 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B452C4 NtWriteVirtualMemory, |
16_2_02B452C4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45224 NtWriteVirtualMemory, |
16_2_02B45224 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44BB4 NtWriteVirtualMemory, |
16_2_02B44BB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49BB0 NtSetInformationThread, |
16_2_02B49BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4538C NtWriteVirtualMemory, |
16_2_02B4538C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49BE0 NtSetInformationThread, |
16_2_02B49BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B453E8 NtWriteVirtualMemory, |
16_2_02B453E8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B30 NtSetInformationThread, |
16_2_02B49B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B14 NtSetInformationThread, |
16_2_02B49B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45310 NtWriteVirtualMemory, |
16_2_02B45310 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B76 NtSetInformationThread, |
16_2_02B49B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B54 NtSetInformationThread, |
16_2_02B49B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44B5F NtWriteVirtualMemory, |
16_2_02B44B5F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B58 NtSetInformationThread, |
16_2_02B49B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44880 NtWriteVirtualMemory, |
16_2_02B44880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4508A NtWriteVirtualMemory, |
16_2_02B4508A |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B460F4 NtAllocateVirtualMemory, |
16_2_02B460F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B450C0 NtWriteVirtualMemory, |
16_2_02B450C0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44834 NtWriteVirtualMemory, |
16_2_02B44834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4601C NtAllocateVirtualMemory, |
16_2_02B4601C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45003 NtWriteVirtualMemory, |
16_2_02B45003 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B46074 NtAllocateVirtualMemory, |
16_2_02B46074 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B451B0 NtWriteVirtualMemory, |
16_2_02B451B0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B449FC NtWriteVirtualMemory, |
16_2_02B449FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B46138 NtAllocateVirtualMemory, |
16_2_02B46138 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45110 NtWriteVirtualMemory, |
16_2_02B45110 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44907 NtWriteVirtualMemory, |
16_2_02B44907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44970 NtWriteVirtualMemory, |
16_2_02B44970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45168 NtWriteVirtualMemory, |
16_2_02B45168 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44EA7 NtWriteVirtualMemory, |
16_2_02B44EA7 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44698 NtWriteVirtualMemory, |
16_2_02B44698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B446E0 NtWriteVirtualMemory, |
16_2_02B446E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44ED0 NtWriteVirtualMemory, |
16_2_02B44ED0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4463C NtWriteVirtualMemory, |
16_2_02B4463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44E38 NtWriteVirtualMemory, |
16_2_02B44E38 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44E78 NtWriteVirtualMemory, |
16_2_02B44E78 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49E6C NtSetInformationThread, |
16_2_02B49E6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44FAC NtWriteVirtualMemory, |
16_2_02B44FAC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45F80 NtAllocateVirtualMemory, |
16_2_02B45F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B447DA NtWriteVirtualMemory, |
16_2_02B447DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4473C NtWriteVirtualMemory, |
16_2_02B4473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B48726 NtWriteVirtualMemory, |
16_2_02B48726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44F2C NtWriteVirtualMemory, |
16_2_02B44F2C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44F79 NtWriteVirtualMemory, |
16_2_02B44F79 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44F55 NtWriteVirtualMemory, |
16_2_02B44F55 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49CB4 NtSetInformationThread, |
16_2_02B49CB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44CA4 NtWriteVirtualMemory, |
16_2_02B44CA4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C98 NtSetInformationThread, |
16_2_02B49C98 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C88 NtSetInformationThread, |
16_2_02B49C88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49CFC NtSetInformationThread, |
16_2_02B49CFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B444FF NtWriteVirtualMemory, |
16_2_02B444FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49CDC NtSetInformationThread, |
16_2_02B49CDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C18 NtSetInformationThread, |
16_2_02B49C18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C08 NtSetInformationThread, |
16_2_02B49C08 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41C7E NtWriteVirtualMemory, |
16_2_02B41C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C6C NtSetInformationThread, |
16_2_02B49C6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49C50 NtSetInformationThread, |
16_2_02B49C50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44C44 NtWriteVirtualMemory, |
16_2_02B44C44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49DBC NtSetInformationThread, |
16_2_02B49DBC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B48DBB NtWriteVirtualMemory, |
16_2_02B48DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B495AF NtProtectVirtualMemory, |
16_2_02B495AF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44D90 NtWriteVirtualMemory, |
16_2_02B44D90 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B445F2 NtWriteVirtualMemory, |
16_2_02B445F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44DD4 NtWriteVirtualMemory, |
16_2_02B44DD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44D36 NtWriteVirtualMemory, |
16_2_02B44D36 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49D20 NtSetInformationThread, |
16_2_02B49D20 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45510 NtWriteVirtualMemory, |
16_2_02B45510 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44554 NtWriteVirtualMemory, |
16_2_02B44554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9AFE NtSetInformationThread, |
17_2_020A9AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0BF8 NtWriteVirtualMemory,TerminateProcess, |
17_2_020A0BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A86C3 NtWriteVirtualMemory, |
17_2_020A86C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0703 EnumWindows,NtWriteVirtualMemory, |
17_2_020A0703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5F4C NtAllocateVirtualMemory, |
17_2_020A5F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A95F4 NtProtectVirtualMemory, |
17_2_020A95F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5224 NtWriteVirtualMemory, |
17_2_020A5224 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A52C4 NtWriteVirtualMemory, |
17_2_020A52C4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4AE1 NtWriteVirtualMemory, |
17_2_020A4AE1 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5310 NtWriteVirtualMemory, |
17_2_020A5310 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9B14 NtSetInformationThread, |
17_2_020A9B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9B30 NtSetInformationThread, |
17_2_020A9B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9B58 NtSetInformationThread, |
17_2_020A9B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4B5F NtWriteVirtualMemory, |
17_2_020A4B5F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9B54 NtSetInformationThread, |
17_2_020A9B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9B76 NtSetInformationThread, |
17_2_020A9B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A538C NtWriteVirtualMemory, |
17_2_020A538C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9BB0 NtSetInformationThread, |
17_2_020A9BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4BB4 NtWriteVirtualMemory, |
17_2_020A4BB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A53E8 NtWriteVirtualMemory, |
17_2_020A53E8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9BE0 NtSetInformationThread, |
17_2_020A9BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5003 NtWriteVirtualMemory, |
17_2_020A5003 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A601C NtAllocateVirtualMemory, |
17_2_020A601C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4834 NtWriteVirtualMemory, |
17_2_020A4834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A6074 NtAllocateVirtualMemory, |
17_2_020A6074 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A508A NtWriteVirtualMemory, |
17_2_020A508A |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4880 NtWriteVirtualMemory, |
17_2_020A4880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A50C0 NtWriteVirtualMemory, |
17_2_020A50C0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A60F4 NtAllocateVirtualMemory, |
17_2_020A60F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4907 NtWriteVirtualMemory, |
17_2_020A4907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5110 NtWriteVirtualMemory, |
17_2_020A5110 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A6138 NtAllocateVirtualMemory, |
17_2_020A6138 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5168 NtWriteVirtualMemory, |
17_2_020A5168 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4970 NtWriteVirtualMemory, |
17_2_020A4970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A51B0 NtWriteVirtualMemory, |
17_2_020A51B0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A49FC NtWriteVirtualMemory, |
17_2_020A49FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4E38 NtWriteVirtualMemory, |
17_2_020A4E38 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A463C NtWriteVirtualMemory, |
17_2_020A463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9E6C NtSetInformationThread, |
17_2_020A9E6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4E78 NtWriteVirtualMemory, |
17_2_020A4E78 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4698 NtWriteVirtualMemory, |
17_2_020A4698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4EA7 NtWriteVirtualMemory, |
17_2_020A4EA7 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4ED0 NtWriteVirtualMemory, |
17_2_020A4ED0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A46E0 NtWriteVirtualMemory, |
17_2_020A46E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4F2C NtWriteVirtualMemory, |
17_2_020A4F2C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A8726 NtWriteVirtualMemory, |
17_2_020A8726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A473C NtWriteVirtualMemory, |
17_2_020A473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4F55 NtWriteVirtualMemory, |
17_2_020A4F55 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4F79 NtWriteVirtualMemory, |
17_2_020A4F79 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5F80 NtAllocateVirtualMemory, |
17_2_020A5F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4FAC NtWriteVirtualMemory, |
17_2_020A4FAC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A47DA NtWriteVirtualMemory, |
17_2_020A47DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C08 NtSetInformationThread, |
17_2_020A9C08 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C18 NtSetInformationThread, |
17_2_020A9C18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4C44 NtWriteVirtualMemory, |
17_2_020A4C44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C50 NtSetInformationThread, |
17_2_020A9C50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C6C NtSetInformationThread, |
17_2_020A9C6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1C7E NtWriteVirtualMemory, |
17_2_020A1C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C88 NtSetInformationThread, |
17_2_020A9C88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9C98 NtSetInformationThread, |
17_2_020A9C98 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4CA4 NtWriteVirtualMemory, |
17_2_020A4CA4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9CB4 NtSetInformationThread, |
17_2_020A9CB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9CDC NtSetInformationThread, |
17_2_020A9CDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A44FF NtWriteVirtualMemory, |
17_2_020A44FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9CFC NtSetInformationThread, |
17_2_020A9CFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A5510 NtWriteVirtualMemory, |
17_2_020A5510 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9D20 NtSetInformationThread, |
17_2_020A9D20 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4D36 NtWriteVirtualMemory, |
17_2_020A4D36 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4554 NtWriteVirtualMemory, |
17_2_020A4554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4D90 NtWriteVirtualMemory, |
17_2_020A4D90 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A95AF NtProtectVirtualMemory, |
17_2_020A95AF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A8DBB NtWriteVirtualMemory, |
17_2_020A8DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A9DBC NtSetInformationThread, |
17_2_020A9DBC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4DD4 NtWriteVirtualMemory, |
17_2_020A4DD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A45F2 NtWriteVirtualMemory, |
17_2_020A45F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569AFE NtSetInformationThread, |
21_2_00569AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560BF8 NtProtectVirtualMemory, |
21_2_00560BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005695F4 NtProtectVirtualMemory, |
21_2_005695F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00565F4C NtAllocateVirtualMemory, |
21_2_00565F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00566074 NtAllocateVirtualMemory, |
21_2_00566074 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056601C NtAllocateVirtualMemory, |
21_2_0056601C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005660F4 NtAllocateVirtualMemory, |
21_2_005660F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00566138 NtAllocateVirtualMemory, |
21_2_00566138 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569B54 NtSetInformationThread, |
21_2_00569B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569B58 NtSetInformationThread, |
21_2_00569B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569B76 NtSetInformationThread, |
21_2_00569B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569B14 NtSetInformationThread, |
21_2_00569B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569B30 NtSetInformationThread, |
21_2_00569B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569BE0 NtSetInformationThread, |
21_2_00569BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569BB0 NtSetInformationThread, |
21_2_00569BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C50 NtSetInformationThread, |
21_2_00569C50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C6C NtSetInformationThread, |
21_2_00569C6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C18 NtSetInformationThread, |
21_2_00569C18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C08 NtSetInformationThread, |
21_2_00569C08 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569CDC NtSetInformationThread, |
21_2_00569CDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569CFC NtSetInformationThread, |
21_2_00569CFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C98 NtSetInformationThread, |
21_2_00569C98 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569C88 NtSetInformationThread, |
21_2_00569C88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569CB4 NtSetInformationThread, |
21_2_00569CB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569D20 NtSetInformationThread, |
21_2_00569D20 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056158E NtProtectVirtualMemory, |
21_2_0056158E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005615BC NtProtectVirtualMemory, |
21_2_005615BC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569DBC NtSetInformationThread, |
21_2_00569DBC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005695AF NtProtectVirtualMemory, |
21_2_005695AF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561670 NtProtectVirtualMemory, |
21_2_00561670 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00569E6C NtSetInformationThread, |
21_2_00569E6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561604 NtProtectVirtualMemory, |
21_2_00561604 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00565F80 NtAllocateVirtualMemory, |
21_2_00565F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560BF8 NtProtectVirtualMemory, |
22_2_00560BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005695F4 NtProtectVirtualMemory, |
22_2_005695F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00565F4C NtAllocateVirtualMemory, |
22_2_00565F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00566074 NtAllocateVirtualMemory, |
22_2_00566074 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056601C NtAllocateVirtualMemory, |
22_2_0056601C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005660F4 NtAllocateVirtualMemory, |
22_2_005660F4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00566138 NtAllocateVirtualMemory, |
22_2_00566138 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056158E NtProtectVirtualMemory, |
22_2_0056158E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005615BC NtProtectVirtualMemory, |
22_2_005615BC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005695AF NtProtectVirtualMemory, |
22_2_005695AF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561670 NtProtectVirtualMemory, |
22_2_00561670 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561604 NtProtectVirtualMemory, |
22_2_00561604 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00565F80 NtAllocateVirtualMemory, |
22_2_00565F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9AFE |
0_2_020A9AFE |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0BF8 |
0_2_020A0BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A86C3 |
0_2_020A86C3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0703 |
0_2_020A0703 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5F4C |
0_2_020A5F4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1210 |
0_2_020A1210 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5224 |
0_2_020A5224 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3A49 |
0_2_020A3A49 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1259 |
0_2_020A1259 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2A5D |
0_2_020A2A5D |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2A50 |
0_2_020A2A50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3A80 |
0_2_020A3A80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1286 |
0_2_020A1286 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A12A4 |
0_2_020A12A4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2AC0 |
0_2_020A2AC0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A52C4 |
0_2_020A52C4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A92D4 |
0_2_020A92D4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3AEC |
0_2_020A3AEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A12E0 |
0_2_020A12E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4AE1 |
0_2_020A4AE1 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2AF4 |
0_2_020A2AF4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A131B |
0_2_020A131B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5310 |
0_2_020A5310 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B14 |
0_2_020A9B14 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B30 |
0_2_020A9B30 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1331 |
0_2_020A1331 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2B34 |
0_2_020A2B34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0335 |
0_2_020A0335 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1348 |
0_2_020A1348 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3B44 |
0_2_020A3B44 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B58 |
0_2_020A9B58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4B5F |
0_2_020A4B5F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A135C |
0_2_020A135C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B54 |
0_2_020A9B54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0378 |
0_2_020A0378 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9B76 |
0_2_020A9B76 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A538C |
0_2_020A538C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2B84 |
0_2_020A2B84 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A03A8 |
0_2_020A03A8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3BA0 |
0_2_020A3BA0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9BB0 |
0_2_020A9BB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A13B4 |
0_2_020A13B4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4BB4 |
0_2_020A4BB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2BD4 |
0_2_020A2BD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A53E8 |
0_2_020A53E8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9BE0 |
0_2_020A9BE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A03E4 |
0_2_020A03E4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3BF8 |
0_2_020A3BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5003 |
0_2_020A5003 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9018 |
0_2_020A9018 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A101C |
0_2_020A101C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A082F |
0_2_020A082F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A083C |
0_2_020A083C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4834 |
0_2_020A4834 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9048 |
0_2_020A9048 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A305C |
0_2_020A305C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9056 |
0_2_020A9056 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1078 |
0_2_020A1078 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A508A |
0_2_020A508A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0880 |
0_2_020A0880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4880 |
0_2_020A4880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A109C |
0_2_020A109C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A50C0 |
0_2_020A50C0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A08D0 |
0_2_020A08D0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4907 |
0_2_020A4907 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5110 |
0_2_020A5110 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4116 |
0_2_020A4116 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0924 |
0_2_020A0924 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1124 |
0_2_020A1124 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A113F |
0_2_020A113F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5168 |
0_2_020A5168 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1163 |
0_2_020A1163 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4970 |
0_2_020A4970 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A19A9 |
0_2_020A19A9 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A19BC |
0_2_020A19BC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A51B0 |
0_2_020A51B0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A49FC |
0_2_020A49FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A69F7 |
0_2_020A69F7 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0E24 |
0_2_020A0E24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4E38 |
0_2_020A4E38 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A463C |
0_2_020A463C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A664C |
0_2_020A664C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8E54 |
0_2_020A8E54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4E78 |
0_2_020A4E78 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0E70 |
0_2_020A0E70 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4698 |
0_2_020A4698 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2E96 |
0_2_020A2E96 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6694 |
0_2_020A6694 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A36AA |
0_2_020A36AA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4EA7 |
0_2_020A4EA7 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8EB0 |
0_2_020A8EB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4ED0 |
0_2_020A4ED0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A66EC |
0_2_020A66EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A46E0 |
0_2_020A46E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F04 |
0_2_020A0F04 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2F18 |
0_2_020A2F18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F2C |
0_2_020A4F2C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8726 |
0_2_020A8726 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A473C |
0_2_020A473C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8F34 |
0_2_020A8F34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F50 |
0_2_020A0F50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F55 |
0_2_020A4F55 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4F79 |
0_2_020A4F79 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8F7C |
0_2_020A8F7C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F74 |
0_2_020A0F74 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3F88 |
0_2_020A3F88 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2F80 |
0_2_020A2F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A5F80 |
0_2_020A5F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4FAC |
0_2_020A4FAC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0FB8 |
0_2_020A0FB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A47DA |
0_2_020A47DA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2FDC |
0_2_020A2FDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A77EC |
0_2_020A77EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C08 |
0_2_020A9C08 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C18 |
0_2_020A9C18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2C24 |
0_2_020A2C24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0430 |
0_2_020A0430 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0C4C |
0_2_020A0C4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6442 |
0_2_020A6442 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4C44 |
0_2_020A4C44 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C50 |
0_2_020A9C50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A646C |
0_2_020A646C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C6C |
0_2_020A9C6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1C7E |
0_2_020A1C7E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3C7C |
0_2_020A3C7C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C88 |
0_2_020A9C88 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9C98 |
0_2_020A9C98 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4CA4 |
0_2_020A4CA4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CB4 |
0_2_020A9CB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A64D8 |
0_2_020A64D8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CDC |
0_2_020A9CDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0CEC |
0_2_020A0CEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A44FF |
0_2_020A44FF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9CFC |
0_2_020A9CFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8D1B |
0_2_020A8D1B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6520 |
0_2_020A6520 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A9D20 |
0_2_020A9D20 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4D36 |
0_2_020A4D36 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A6537 |
0_2_020A6537 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0D40 |
0_2_020A0D40 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4554 |
0_2_020A4554 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4D90 |
0_2_020A4D90 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A65A0 |
0_2_020A65A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8DBB |
0_2_020A8DBB |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0DB4 |
0_2_020A0DB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8DD0 |
0_2_020A8DD0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4DD4 |
0_2_020A4DD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A65EC |
0_2_020A65EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0DE4 |
0_2_020A0DE4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A3DFC |
0_2_020A3DFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A45F2 |
0_2_020A45F2 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563A49 |
7_2_00563A49 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569AFE |
7_2_00569AFE |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560BF8 |
7_2_00560BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566442 |
7_2_00566442 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005686C3 |
7_2_005686C3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565F4C |
7_2_00565F4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560703 |
7_2_00560703 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569056 |
7_2_00569056 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056305C |
7_2_0056305C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569048 |
7_2_00569048 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561078 |
7_2_00561078 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056101C |
7_2_0056101C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569018 |
7_2_00569018 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565003 |
7_2_00565003 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564834 |
7_2_00564834 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056083C |
7_2_0056083C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056082F |
7_2_0056082F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005608D0 |
7_2_005608D0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005650C0 |
7_2_005650C0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056109C |
7_2_0056109C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560880 |
7_2_00560880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564880 |
7_2_00564880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056508A |
7_2_0056508A |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564970 |
7_2_00564970 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561163 |
7_2_00561163 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565168 |
7_2_00565168 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564116 |
7_2_00564116 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565110 |
7_2_00565110 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564907 |
7_2_00564907 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056113F |
7_2_0056113F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560924 |
7_2_00560924 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561124 |
7_2_00561124 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005669F7 |
7_2_005669F7 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005649FC |
7_2_005649FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005651B0 |
7_2_005651B0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562A50 |
7_2_00562A50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562A5D |
7_2_00562A5D |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561259 |
7_2_00561259 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565224 |
7_2_00565224 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005692D4 |
7_2_005692D4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005652C4 |
7_2_005652C4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562AC0 |
7_2_00562AC0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562AF4 |
7_2_00562AF4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005612E0 |
7_2_005612E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564AE1 |
7_2_00564AE1 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563AEC |
7_2_00563AEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563A80 |
7_2_00563A80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005612A4 |
7_2_005612A4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B54 |
7_2_00569B54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564B5F |
7_2_00564B5F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056135C |
7_2_0056135C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B58 |
7_2_00569B58 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563B44 |
7_2_00563B44 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B76 |
7_2_00569B76 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560378 |
7_2_00560378 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B14 |
7_2_00569B14 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565310 |
7_2_00565310 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056131B |
7_2_0056131B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562B34 |
7_2_00562B34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560335 |
7_2_00560335 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569B30 |
7_2_00569B30 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562BD4 |
7_2_00562BD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563BF8 |
7_2_00563BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005603E4 |
7_2_005603E4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569BE0 |
7_2_00569BE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005653E8 |
7_2_005653E8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562B84 |
7_2_00562B84 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056538C |
7_2_0056538C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005613B4 |
7_2_005613B4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564BB4 |
7_2_00564BB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569BB0 |
7_2_00569BB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563BA0 |
7_2_00563BA0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005603A8 |
7_2_005603A8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C50 |
7_2_00569C50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564C44 |
7_2_00564C44 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560C4C |
7_2_00560C4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561C7E |
7_2_00561C7E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563C7C |
7_2_00563C7C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056646C |
7_2_0056646C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C6C |
7_2_00569C6C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C18 |
7_2_00569C18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C08 |
7_2_00569C08 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560430 |
7_2_00560430 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562C24 |
7_2_00562C24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CDC |
7_2_00569CDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005664D8 |
7_2_005664D8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005644FF |
7_2_005644FF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CFC |
7_2_00569CFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560CEC |
7_2_00560CEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C98 |
7_2_00569C98 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569C88 |
7_2_00569C88 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569CB4 |
7_2_00569CB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564CA4 |
7_2_00564CA4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564554 |
7_2_00564554 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560D40 |
7_2_00560D40 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568D1B |
7_2_00568D1B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564D36 |
7_2_00564D36 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566537 |
7_2_00566537 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566520 |
7_2_00566520 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00569D20 |
7_2_00569D20 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564DD4 |
7_2_00564DD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568DD0 |
7_2_00568DD0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005645F2 |
7_2_005645F2 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00563DFC |
7_2_00563DFC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560DE4 |
7_2_00560DE4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005665EC |
7_2_005665EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564D90 |
7_2_00564D90 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056158E |
7_2_0056158E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560DB4 |
7_2_00560DB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005615BC |
7_2_005615BC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568DBB |
7_2_00568DBB |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005665A0 |
7_2_005665A0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568E54 |
7_2_00568E54 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056664C |
7_2_0056664C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561670 |
7_2_00561670 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560E70 |
7_2_00560E70 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564E78 |
7_2_00564E78 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561604 |
7_2_00561604 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056463C |
7_2_0056463C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564E38 |
7_2_00564E38 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560E24 |
7_2_00560E24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005646E0 |
7_2_005646E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005666EC |
7_2_005666EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562E96 |
7_2_00562E96 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00566694 |
7_2_00566694 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564698 |
7_2_00564698 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568EB0 |
7_2_00568EB0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005636AA |
7_2_005636AA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F50 |
7_2_00560F50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F74 |
7_2_00560F74 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564F73 |
7_2_00564F73 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568F7C |
7_2_00568F7C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562F18 |
7_2_00562F18 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F04 |
7_2_00560F04 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568F34 |
7_2_00568F34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056473C |
7_2_0056473C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568726 |
7_2_00568726 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564F2C |
7_2_00564F2C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562FDC |
7_2_00562FDC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005647DA |
7_2_005647DA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005677EC |
7_2_005677EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562F80 |
7_2_00562F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00565F80 |
7_2_00565F80 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560FB8 |
7_2_00560FB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564FAC |
7_2_00564FAC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9AFE |
15_2_021F9AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0BF8 |
15_2_021F0BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F86C3 |
15_2_021F86C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0703 |
15_2_021F0703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5F4C |
15_2_021F5F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1210 |
15_2_021F1210 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5224 |
15_2_021F5224 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2A5D |
15_2_021F2A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1259 |
15_2_021F1259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2A50 |
15_2_021F2A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3A49 |
15_2_021F3A49 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1286 |
15_2_021F1286 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3A80 |
15_2_021F3A80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F12A4 |
15_2_021F12A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F92D4 |
15_2_021F92D4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F52C4 |
15_2_021F52C4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2AC0 |
15_2_021F2AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2AF4 |
15_2_021F2AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3AEC |
15_2_021F3AEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4AE1 |
15_2_021F4AE1 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F12E0 |
15_2_021F12E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F131B |
15_2_021F131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B14 |
15_2_021F9B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5310 |
15_2_021F5310 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0335 |
15_2_021F0335 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2B34 |
15_2_021F2B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1331 |
15_2_021F1331 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B30 |
15_2_021F9B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4B5F |
15_2_021F4B5F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F135C |
15_2_021F135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B58 |
15_2_021F9B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B54 |
15_2_021F9B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1348 |
15_2_021F1348 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3B44 |
15_2_021F3B44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0378 |
15_2_021F0378 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9B76 |
15_2_021F9B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F538C |
15_2_021F538C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2B84 |
15_2_021F2B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F13B4 |
15_2_021F13B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4BB4 |
15_2_021F4BB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9BB0 |
15_2_021F9BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F03A8 |
15_2_021F03A8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3BA0 |
15_2_021F3BA0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2BD4 |
15_2_021F2BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3BF8 |
15_2_021F3BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F53E8 |
15_2_021F53E8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F03E4 |
15_2_021F03E4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9BE0 |
15_2_021F9BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F101C |
15_2_021F101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9018 |
15_2_021F9018 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5003 |
15_2_021F5003 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F083C |
15_2_021F083C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4834 |
15_2_021F4834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F082F |
15_2_021F082F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F305C |
15_2_021F305C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9056 |
15_2_021F9056 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9048 |
15_2_021F9048 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1078 |
15_2_021F1078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F109C |
15_2_021F109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F508A |
15_2_021F508A |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0880 |
15_2_021F0880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4880 |
15_2_021F4880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F08D0 |
15_2_021F08D0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F50C0 |
15_2_021F50C0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4116 |
15_2_021F4116 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5110 |
15_2_021F5110 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4907 |
15_2_021F4907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F113F |
15_2_021F113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0924 |
15_2_021F0924 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1124 |
15_2_021F1124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4970 |
15_2_021F4970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5168 |
15_2_021F5168 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1163 |
15_2_021F1163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F19BC |
15_2_021F19BC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F51B0 |
15_2_021F51B0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F19A9 |
15_2_021F19A9 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F49FC |
15_2_021F49FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F69F7 |
15_2_021F69F7 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F463C |
15_2_021F463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4E38 |
15_2_021F4E38 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0E24 |
15_2_021F0E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8E54 |
15_2_021F8E54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F664C |
15_2_021F664C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4E78 |
15_2_021F4E78 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0E70 |
15_2_021F0E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4698 |
15_2_021F4698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2E96 |
15_2_021F2E96 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6694 |
15_2_021F6694 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8EB0 |
15_2_021F8EB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F36AA |
15_2_021F36AA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4EA7 |
15_2_021F4EA7 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4ED0 |
15_2_021F4ED0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F66EC |
15_2_021F66EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F46E0 |
15_2_021F46E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2F18 |
15_2_021F2F18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F04 |
15_2_021F0F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F473C |
15_2_021F473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8F34 |
15_2_021F8F34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F2C |
15_2_021F4F2C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8726 |
15_2_021F8726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F55 |
15_2_021F4F55 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F50 |
15_2_021F0F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8F7C |
15_2_021F8F7C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4F79 |
15_2_021F4F79 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F74 |
15_2_021F0F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3F88 |
15_2_021F3F88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2F80 |
15_2_021F2F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F5F80 |
15_2_021F5F80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0FB8 |
15_2_021F0FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4FAC |
15_2_021F4FAC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2FDC |
15_2_021F2FDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F47DA |
15_2_021F47DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F77EC |
15_2_021F77EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C18 |
15_2_021F9C18 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C08 |
15_2_021F9C08 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0430 |
15_2_021F0430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2C24 |
15_2_021F2C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C50 |
15_2_021F9C50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0C4C |
15_2_021F0C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4C44 |
15_2_021F4C44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6442 |
15_2_021F6442 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1C7E |
15_2_021F1C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3C7C |
15_2_021F3C7C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F646C |
15_2_021F646C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C6C |
15_2_021F9C6C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C98 |
15_2_021F9C98 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9C88 |
15_2_021F9C88 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CB4 |
15_2_021F9CB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4CA4 |
15_2_021F4CA4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CDC |
15_2_021F9CDC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F64D8 |
15_2_021F64D8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F44FF |
15_2_021F44FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9CFC |
15_2_021F9CFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0CEC |
15_2_021F0CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8D1B |
15_2_021F8D1B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6537 |
15_2_021F6537 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4D36 |
15_2_021F4D36 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F6520 |
15_2_021F6520 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F9D20 |
15_2_021F9D20 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4554 |
15_2_021F4554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0D40 |
15_2_021F0D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4D90 |
15_2_021F4D90 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8DBB |
15_2_021F8DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0DB4 |
15_2_021F0DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F65A0 |
15_2_021F65A0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4DD4 |
15_2_021F4DD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8DD0 |
15_2_021F8DD0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F3DFC |
15_2_021F3DFC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F45F2 |
15_2_021F45F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F65EC |
15_2_021F65EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0DE4 |
15_2_021F0DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49AFE |
16_2_02B49AFE |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40BF8 |
16_2_02B40BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B486C3 |
16_2_02B486C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40703 |
16_2_02B40703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45F4C |
16_2_02B45F4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B412A4 |
16_2_02B412A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41286 |
16_2_02B41286 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43A80 |
16_2_02B43A80 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42AF4 |
16_2_02B42AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B412E0 |
16_2_02B412E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44AE1 |
16_2_02B44AE1 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43AEC |
16_2_02B43AEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B492D4 |
16_2_02B492D4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B452C4 |
16_2_02B452C4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42AC0 |
16_2_02B42AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45224 |
16_2_02B45224 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41210 |
16_2_02B41210 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42A50 |
16_2_02B42A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42A5D |
16_2_02B42A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41259 |
16_2_02B41259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43A49 |
16_2_02B43A49 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B413B4 |
16_2_02B413B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44BB4 |
16_2_02B44BB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49BB0 |
16_2_02B49BB0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43BA0 |
16_2_02B43BA0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B403A8 |
16_2_02B403A8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42B84 |
16_2_02B42B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4538C |
16_2_02B4538C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43BF8 |
16_2_02B43BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B403E4 |
16_2_02B403E4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49BE0 |
16_2_02B49BE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B453E8 |
16_2_02B453E8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42BD4 |
16_2_02B42BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42B34 |
16_2_02B42B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40335 |
16_2_02B40335 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B30 |
16_2_02B49B30 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41331 |
16_2_02B41331 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B14 |
16_2_02B49B14 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B45310 |
16_2_02B45310 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4131B |
16_2_02B4131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B76 |
16_2_02B49B76 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40378 |
16_2_02B40378 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B54 |
16_2_02B49B54 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4135C |
16_2_02B4135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44B5F |
16_2_02B44B5F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B49B58 |
16_2_02B49B58 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B43B44 |
16_2_02B43B44 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41348 |
16_2_02B41348 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4109C |
16_2_02B4109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40880 |
16_2_02B40880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44880 |
16_2_02B44880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4508A |
16_2_02B4508A |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B408D0 |
16_2_02B408D0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0BF8 NtWriteVirtualMemory,TerminateProcess, |
0_2_020A0BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A86C3 NtWriteVirtualMemory, |
0_2_020A86C3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0703 EnumWindows,NtWriteVirtualMemory, |
0_2_020A0703 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1210 TerminateProcess, |
0_2_020A1210 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1259 TerminateProcess, |
0_2_020A1259 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2A5D |
0_2_020A2A5D |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2A50 |
0_2_020A2A50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1286 TerminateProcess, |
0_2_020A1286 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A12A4 TerminateProcess, |
0_2_020A12A4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2AC0 |
0_2_020A2AC0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A12E0 TerminateProcess, |
0_2_020A12E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2AF4 |
0_2_020A2AF4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A131B TerminateProcess, |
0_2_020A131B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1331 TerminateProcess, |
0_2_020A1331 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2B34 |
0_2_020A2B34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1348 TerminateProcess, |
0_2_020A1348 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A135C TerminateProcess, |
0_2_020A135C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2B84 |
0_2_020A2B84 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A13B4 TerminateProcess, |
0_2_020A13B4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2BD4 |
0_2_020A2BD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A13EC TerminateProcess, |
0_2_020A13EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A101C TerminateProcess, |
0_2_020A101C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4834 NtWriteVirtualMemory, |
0_2_020A4834 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1078 TerminateProcess, |
0_2_020A1078 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4880 NtWriteVirtualMemory, |
0_2_020A4880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A109C TerminateProcess, |
0_2_020A109C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4907 NtWriteVirtualMemory, |
0_2_020A4907 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1124 TerminateProcess, |
0_2_020A1124 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A113F TerminateProcess, |
0_2_020A113F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1163 TerminateProcess, |
0_2_020A1163 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4970 NtWriteVirtualMemory, |
0_2_020A4970 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A49FC NtWriteVirtualMemory, |
0_2_020A49FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0E24 TerminateProcess, |
0_2_020A0E24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A463C NtWriteVirtualMemory, |
0_2_020A463C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0E70 TerminateProcess, |
0_2_020A0E70 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4698 NtWriteVirtualMemory, |
0_2_020A4698 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A46E0 NtWriteVirtualMemory, |
0_2_020A46E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F04 TerminateProcess, |
0_2_020A0F04 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8726 NtWriteVirtualMemory, |
0_2_020A8726 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A473C NtWriteVirtualMemory, |
0_2_020A473C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F50 TerminateProcess, |
0_2_020A0F50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0F74 TerminateProcess, |
0_2_020A0F74 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0FB8 TerminateProcess, |
0_2_020A0FB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A47DA NtWriteVirtualMemory, |
0_2_020A47DA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1402 TerminateProcess, |
0_2_020A1402 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1421 TerminateProcess, |
0_2_020A1421 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2C24 |
0_2_020A2C24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1430 TerminateProcess, |
0_2_020A1430 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0C4C TerminateProcess, |
0_2_020A0C4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1C7E NtWriteVirtualMemory, |
0_2_020A1C7E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2C8C |
0_2_020A2C8C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A1484 TerminateProcess, |
0_2_020A1484 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0CEC TerminateProcess, |
0_2_020A0CEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A2CE0 |
0_2_020A2CE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A44FF NtWriteVirtualMemory, |
0_2_020A44FF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0D40 TerminateProcess, |
0_2_020A0D40 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A4554 NtWriteVirtualMemory, |
0_2_020A4554 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A8DBB NtWriteVirtualMemory, |
0_2_020A8DBB |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0DB4 TerminateProcess, |
0_2_020A0DB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A0DE4 TerminateProcess, |
0_2_020A0DE4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 0_2_020A45F2 NtWriteVirtualMemory, |
0_2_020A45F2 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560BF8 NtProtectVirtualMemory, |
7_2_00560BF8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005686C3 |
7_2_005686C3 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561078 |
7_2_00561078 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056101C |
7_2_0056101C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564834 |
7_2_00564834 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056109C |
7_2_0056109C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564880 |
7_2_00564880 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564970 |
7_2_00564970 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561163 |
7_2_00561163 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564907 |
7_2_00564907 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056113F |
7_2_0056113F |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561124 |
7_2_00561124 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005649FC |
7_2_005649FC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562A50 |
7_2_00562A50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562A5D |
7_2_00562A5D |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561259 |
7_2_00561259 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562AC0 |
7_2_00562AC0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562AF4 |
7_2_00562AF4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005612E0 |
7_2_005612E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005612A4 |
7_2_005612A4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056135C |
7_2_0056135C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056131B |
7_2_0056131B |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562B34 |
7_2_00562B34 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562BD4 |
7_2_00562BD4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005613EC |
7_2_005613EC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562B84 |
7_2_00562B84 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005613B4 |
7_2_005613B4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560C4C |
7_2_00560C4C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561C7E |
7_2_00561C7E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561430 |
7_2_00561430 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562C24 |
7_2_00562C24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005644FF |
7_2_005644FF |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562CE0 |
7_2_00562CE0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560CEC |
7_2_00560CEC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561484 |
7_2_00561484 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00562C8C |
7_2_00562C8C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564554 |
7_2_00564554 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560D40 |
7_2_00560D40 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005645F2 |
7_2_005645F2 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560DE4 |
7_2_00560DE4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056158E NtProtectVirtualMemory, |
7_2_0056158E |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560DB4 |
7_2_00560DB4 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005615BC NtProtectVirtualMemory, |
7_2_005615BC |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568DBB |
7_2_00568DBB |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561670 NtProtectVirtualMemory, |
7_2_00561670 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560E70 |
7_2_00560E70 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00561604 NtProtectVirtualMemory, |
7_2_00561604 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056463C |
7_2_0056463C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560E24 |
7_2_00560E24 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005646E0 |
7_2_005646E0 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00564698 |
7_2_00564698 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F50 |
7_2_00560F50 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F74 |
7_2_00560F74 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560F04 |
7_2_00560F04 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_0056473C |
7_2_0056473C |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00568726 |
7_2_00568726 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_005647DA |
7_2_005647DA |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
Code function: 7_2_00560FB8 |
7_2_00560FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0BF8 NtWriteVirtualMemory,TerminateProcess, |
15_2_021F0BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F86C3 NtWriteVirtualMemory, |
15_2_021F86C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0703 EnumWindows,NtWriteVirtualMemory, |
15_2_021F0703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1210 TerminateProcess, |
15_2_021F1210 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2A5D |
15_2_021F2A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1259 TerminateProcess, |
15_2_021F1259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2A50 |
15_2_021F2A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1286 TerminateProcess, |
15_2_021F1286 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F12A4 TerminateProcess, |
15_2_021F12A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2AC0 |
15_2_021F2AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2AF4 |
15_2_021F2AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F12E0 TerminateProcess, |
15_2_021F12E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F131B TerminateProcess, |
15_2_021F131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2B34 |
15_2_021F2B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1331 TerminateProcess, |
15_2_021F1331 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F135C TerminateProcess, |
15_2_021F135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1348 TerminateProcess, |
15_2_021F1348 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2B84 |
15_2_021F2B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F13B4 TerminateProcess, |
15_2_021F13B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2BD4 |
15_2_021F2BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F13EC TerminateProcess, |
15_2_021F13EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F101C TerminateProcess, |
15_2_021F101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4834 NtWriteVirtualMemory, |
15_2_021F4834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1078 TerminateProcess, |
15_2_021F1078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F109C TerminateProcess, |
15_2_021F109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4880 NtWriteVirtualMemory, |
15_2_021F4880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4907 NtWriteVirtualMemory, |
15_2_021F4907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F113F TerminateProcess, |
15_2_021F113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1124 TerminateProcess, |
15_2_021F1124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4970 NtWriteVirtualMemory, |
15_2_021F4970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1163 TerminateProcess, |
15_2_021F1163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F49FC NtWriteVirtualMemory, |
15_2_021F49FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F463C NtWriteVirtualMemory, |
15_2_021F463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0E24 TerminateProcess, |
15_2_021F0E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0E70 TerminateProcess, |
15_2_021F0E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4698 NtWriteVirtualMemory, |
15_2_021F4698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F46E0 NtWriteVirtualMemory, |
15_2_021F46E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F04 TerminateProcess, |
15_2_021F0F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F473C NtWriteVirtualMemory, |
15_2_021F473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8726 NtWriteVirtualMemory, |
15_2_021F8726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F50 TerminateProcess, |
15_2_021F0F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0F74 TerminateProcess, |
15_2_021F0F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0FB8 TerminateProcess, |
15_2_021F0FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F47DA NtWriteVirtualMemory, |
15_2_021F47DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1402 TerminateProcess, |
15_2_021F1402 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1430 TerminateProcess, |
15_2_021F1430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2C24 |
15_2_021F2C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1421 TerminateProcess, |
15_2_021F1421 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0C4C TerminateProcess, |
15_2_021F0C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1C7E NtWriteVirtualMemory, |
15_2_021F1C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2C8C |
15_2_021F2C8C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F1484 TerminateProcess, |
15_2_021F1484 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F44FF NtWriteVirtualMemory, |
15_2_021F44FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0CEC TerminateProcess, |
15_2_021F0CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F2CE0 |
15_2_021F2CE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F4554 NtWriteVirtualMemory, |
15_2_021F4554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0D40 TerminateProcess, |
15_2_021F0D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F8DBB NtWriteVirtualMemory, |
15_2_021F8DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0DB4 TerminateProcess, |
15_2_021F0DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F45F2 NtWriteVirtualMemory, |
15_2_021F45F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 15_2_021F0DE4 TerminateProcess, |
15_2_021F0DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40BF8 NtWriteVirtualMemory,TerminateProcess, |
16_2_02B40BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B486C3 NtWriteVirtualMemory, |
16_2_02B486C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40703 EnumWindows,NtWriteVirtualMemory, |
16_2_02B40703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B412A4 TerminateProcess, |
16_2_02B412A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41286 TerminateProcess, |
16_2_02B41286 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42AF4 |
16_2_02B42AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B412E0 TerminateProcess, |
16_2_02B412E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42AC0 |
16_2_02B42AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41210 TerminateProcess, |
16_2_02B41210 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42A50 |
16_2_02B42A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42A5D |
16_2_02B42A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41259 TerminateProcess, |
16_2_02B41259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B413B4 TerminateProcess, |
16_2_02B413B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42B84 |
16_2_02B42B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B413EC TerminateProcess, |
16_2_02B413EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42BD4 |
16_2_02B42BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42B34 |
16_2_02B42B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41331 TerminateProcess, |
16_2_02B41331 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4131B TerminateProcess, |
16_2_02B4131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4135C TerminateProcess, |
16_2_02B4135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41348 TerminateProcess, |
16_2_02B41348 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4109C TerminateProcess, |
16_2_02B4109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44880 NtWriteVirtualMemory, |
16_2_02B44880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44834 NtWriteVirtualMemory, |
16_2_02B44834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4101C TerminateProcess, |
16_2_02B4101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41078 TerminateProcess, |
16_2_02B41078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B449FC NtWriteVirtualMemory, |
16_2_02B449FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4113F TerminateProcess, |
16_2_02B4113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41124 TerminateProcess, |
16_2_02B41124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44907 NtWriteVirtualMemory, |
16_2_02B44907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44970 NtWriteVirtualMemory, |
16_2_02B44970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41163 TerminateProcess, |
16_2_02B41163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44698 NtWriteVirtualMemory, |
16_2_02B44698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B446E0 NtWriteVirtualMemory, |
16_2_02B446E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4463C NtWriteVirtualMemory, |
16_2_02B4463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40E24 TerminateProcess, |
16_2_02B40E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40E70 TerminateProcess, |
16_2_02B40E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40FB8 TerminateProcess, |
16_2_02B40FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B447DA NtWriteVirtualMemory, |
16_2_02B447DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B4473C NtWriteVirtualMemory, |
16_2_02B4473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B48726 NtWriteVirtualMemory, |
16_2_02B48726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40F04 TerminateProcess, |
16_2_02B40F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40F74 TerminateProcess, |
16_2_02B40F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40F50 TerminateProcess, |
16_2_02B40F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41484 TerminateProcess, |
16_2_02B41484 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42C8C |
16_2_02B42C8C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B444FF NtWriteVirtualMemory, |
16_2_02B444FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42CE0 |
16_2_02B42CE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40CEC TerminateProcess, |
16_2_02B40CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41430 TerminateProcess, |
16_2_02B41430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B42C24 |
16_2_02B42C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41421 TerminateProcess, |
16_2_02B41421 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41402 TerminateProcess, |
16_2_02B41402 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B41C7E NtWriteVirtualMemory, |
16_2_02B41C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40C4C TerminateProcess, |
16_2_02B40C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40DB4 TerminateProcess, |
16_2_02B40DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B48DBB NtWriteVirtualMemory, |
16_2_02B48DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B445F2 NtWriteVirtualMemory, |
16_2_02B445F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40DE4 TerminateProcess, |
16_2_02B40DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B44554 NtWriteVirtualMemory, |
16_2_02B44554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 16_2_02B40D40 TerminateProcess, |
16_2_02B40D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0BF8 NtWriteVirtualMemory,TerminateProcess, |
17_2_020A0BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A86C3 NtWriteVirtualMemory, |
17_2_020A86C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0703 EnumWindows,NtWriteVirtualMemory, |
17_2_020A0703 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1210 TerminateProcess, |
17_2_020A1210 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1259 TerminateProcess, |
17_2_020A1259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2A5D |
17_2_020A2A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2A50 |
17_2_020A2A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1286 TerminateProcess, |
17_2_020A1286 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A12A4 TerminateProcess, |
17_2_020A12A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2AC0 |
17_2_020A2AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A12E0 TerminateProcess, |
17_2_020A12E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2AF4 |
17_2_020A2AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A131B TerminateProcess, |
17_2_020A131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1331 TerminateProcess, |
17_2_020A1331 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2B34 |
17_2_020A2B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1348 TerminateProcess, |
17_2_020A1348 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A135C TerminateProcess, |
17_2_020A135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2B84 |
17_2_020A2B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A13B4 TerminateProcess, |
17_2_020A13B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2BD4 |
17_2_020A2BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A13EC TerminateProcess, |
17_2_020A13EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A101C TerminateProcess, |
17_2_020A101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4834 NtWriteVirtualMemory, |
17_2_020A4834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1078 TerminateProcess, |
17_2_020A1078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4880 NtWriteVirtualMemory, |
17_2_020A4880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A109C TerminateProcess, |
17_2_020A109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4907 NtWriteVirtualMemory, |
17_2_020A4907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1124 TerminateProcess, |
17_2_020A1124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A113F TerminateProcess, |
17_2_020A113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1163 TerminateProcess, |
17_2_020A1163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4970 NtWriteVirtualMemory, |
17_2_020A4970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A49FC NtWriteVirtualMemory, |
17_2_020A49FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0E24 TerminateProcess, |
17_2_020A0E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A463C NtWriteVirtualMemory, |
17_2_020A463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0E70 TerminateProcess, |
17_2_020A0E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4698 NtWriteVirtualMemory, |
17_2_020A4698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A46E0 NtWriteVirtualMemory, |
17_2_020A46E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0F04 TerminateProcess, |
17_2_020A0F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A8726 NtWriteVirtualMemory, |
17_2_020A8726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A473C NtWriteVirtualMemory, |
17_2_020A473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0F50 TerminateProcess, |
17_2_020A0F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0F74 TerminateProcess, |
17_2_020A0F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0FB8 TerminateProcess, |
17_2_020A0FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A47DA NtWriteVirtualMemory, |
17_2_020A47DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1402 TerminateProcess, |
17_2_020A1402 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1421 TerminateProcess, |
17_2_020A1421 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2C24 |
17_2_020A2C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1430 TerminateProcess, |
17_2_020A1430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0C4C TerminateProcess, |
17_2_020A0C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1C7E NtWriteVirtualMemory, |
17_2_020A1C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2C8C |
17_2_020A2C8C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A1484 TerminateProcess, |
17_2_020A1484 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0CEC TerminateProcess, |
17_2_020A0CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A2CE0 |
17_2_020A2CE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A44FF NtWriteVirtualMemory, |
17_2_020A44FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0D40 TerminateProcess, |
17_2_020A0D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A4554 NtWriteVirtualMemory, |
17_2_020A4554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A8DBB NtWriteVirtualMemory, |
17_2_020A8DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0DB4 TerminateProcess, |
17_2_020A0DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A0DE4 TerminateProcess, |
17_2_020A0DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 17_2_020A45F2 NtWriteVirtualMemory, |
17_2_020A45F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560BF8 NtProtectVirtualMemory, |
21_2_00560BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005686C3 |
21_2_005686C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561078 |
21_2_00561078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056101C |
21_2_0056101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564834 |
21_2_00564834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056109C |
21_2_0056109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564880 |
21_2_00564880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564970 |
21_2_00564970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561163 |
21_2_00561163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564907 |
21_2_00564907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056113F |
21_2_0056113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561124 |
21_2_00561124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005649FC |
21_2_005649FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562A50 |
21_2_00562A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562A5D |
21_2_00562A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561259 |
21_2_00561259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562AC0 |
21_2_00562AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562AF4 |
21_2_00562AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005612E0 |
21_2_005612E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005612A4 |
21_2_005612A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056135C |
21_2_0056135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056131B |
21_2_0056131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562B34 |
21_2_00562B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562BD4 |
21_2_00562BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005613EC |
21_2_005613EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562B84 |
21_2_00562B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005613B4 |
21_2_005613B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560C4C |
21_2_00560C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561C7E |
21_2_00561C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561430 |
21_2_00561430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562C24 |
21_2_00562C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005644FF |
21_2_005644FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562CE0 |
21_2_00562CE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560CEC |
21_2_00560CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561484 |
21_2_00561484 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00562C8C |
21_2_00562C8C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564554 |
21_2_00564554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560D40 |
21_2_00560D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005645F2 |
21_2_005645F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560DE4 |
21_2_00560DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056158E NtProtectVirtualMemory, |
21_2_0056158E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560DB4 |
21_2_00560DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005615BC NtProtectVirtualMemory, |
21_2_005615BC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00568DBB |
21_2_00568DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561670 NtProtectVirtualMemory, |
21_2_00561670 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560E70 |
21_2_00560E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00561604 NtProtectVirtualMemory, |
21_2_00561604 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056463C |
21_2_0056463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560E24 |
21_2_00560E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005646E0 |
21_2_005646E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00564698 |
21_2_00564698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560F50 |
21_2_00560F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560F74 |
21_2_00560F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560F04 |
21_2_00560F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_0056473C |
21_2_0056473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00568726 |
21_2_00568726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_005647DA |
21_2_005647DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 21_2_00560FB8 |
21_2_00560FB8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560BF8 NtProtectVirtualMemory, |
22_2_00560BF8 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005686C3 |
22_2_005686C3 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561078 |
22_2_00561078 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056101C |
22_2_0056101C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564834 |
22_2_00564834 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056109C |
22_2_0056109C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564880 |
22_2_00564880 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564970 |
22_2_00564970 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561163 |
22_2_00561163 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564907 |
22_2_00564907 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056113F |
22_2_0056113F |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561124 |
22_2_00561124 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005649FC |
22_2_005649FC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562A50 |
22_2_00562A50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562A5D |
22_2_00562A5D |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561259 |
22_2_00561259 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562AC0 |
22_2_00562AC0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562AF4 |
22_2_00562AF4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005612E0 |
22_2_005612E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005612A4 |
22_2_005612A4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056135C |
22_2_0056135C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056131B |
22_2_0056131B |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562B34 |
22_2_00562B34 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562BD4 |
22_2_00562BD4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005613EC |
22_2_005613EC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562B84 |
22_2_00562B84 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005613B4 |
22_2_005613B4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560C4C |
22_2_00560C4C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561C7E |
22_2_00561C7E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561430 |
22_2_00561430 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562C24 |
22_2_00562C24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005644FF |
22_2_005644FF |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562CE0 |
22_2_00562CE0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560CEC |
22_2_00560CEC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561484 |
22_2_00561484 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00562C8C |
22_2_00562C8C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564554 |
22_2_00564554 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560D40 |
22_2_00560D40 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005645F2 |
22_2_005645F2 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560DE4 |
22_2_00560DE4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056158E NtProtectVirtualMemory, |
22_2_0056158E |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560DB4 |
22_2_00560DB4 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005615BC NtProtectVirtualMemory, |
22_2_005615BC |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00568DBB |
22_2_00568DBB |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561670 NtProtectVirtualMemory, |
22_2_00561670 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560E70 |
22_2_00560E70 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00561604 NtProtectVirtualMemory, |
22_2_00561604 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056463C |
22_2_0056463C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560E24 |
22_2_00560E24 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005646E0 |
22_2_005646E0 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00564698 |
22_2_00564698 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560F50 |
22_2_00560F50 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560F74 |
22_2_00560F74 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560F04 |
22_2_00560F04 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_0056473C |
22_2_0056473C |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00568726 |
22_2_00568726 |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_005647DA |
22_2_005647DA |
| Source: C:\Users\user\AppData\Roaming\win.exe |
Code function: 22_2_00560FB8 |
22_2_00560FB8 |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A0153 second address: 00000000020A0297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D488E6046h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D488E6042h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D488E6042h 0x0000002c cld 0x0000002d jmp 00007F8D488E6042h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D488E6046h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D488E6046h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D488E6042h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D488E6046h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D488E6042h 0x00000044 jmp 00007F8D488E6050h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D488E6046h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D488E6046h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A5F52 second address: 00000000020A6004 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a popad 0x0000000b pushad 0x0000000c cmp dl, 0000005Fh 0x0000000f cmp dword ptr [ebp+0000013Ch], 00000000h 0x00000016 jne 00007F8D48A2841Bh 0x0000001c jmp 00007F8D48A28216h 0x0000001e test eax, eax 0x00000020 mov eax, 86EE1AF5h 0x00000025 test bl, bl 0x00000027 xor eax, BD4846E4h 0x0000002c xor eax, 21283749h 0x00000031 xor eax, 1A8E6E61h 0x00000036 cmp dx, cx 0x00000039 mov dword ptr [ebp+00000182h], edx 0x0000003f mov edx, 115ADCC7h 0x00000044 cmp edx, edx 0x00000046 test ebx, ecx 0x00000048 sub edx, D410C907h 0x0000004e xor edx, A788CB95h 0x00000054 jmp 00007F8D48A28216h 0x00000056 test cl, FFFFFF97h 0x00000059 xor edx, 9AC2D839h 0x0000005f push edx 0x00000060 cmp cl, bl 0x00000062 mov edx, dword ptr [ebp+00000182h] 0x00000068 mov dword ptr [ebp+00000177h], edi 0x0000006e mov edi, 5BE1273Ch 0x00000073 xor edi, 5A5059E2h 0x00000079 test cl, cl 0x0000007b xor edi, 6B9E11F2h 0x00000081 cmp ecx, eax 0x00000083 xor edi, 064B1B42h 0x00000089 pushad 0x0000008a rdtsc |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A6004 second address: 00000000020A6004 instructions: |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A8DD5 second address: 00000000020A8DD5 instructions: |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A5EBF second address: 00000000020A5EBF instructions: |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A7A03 second address: 00000000020A7A03 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a cmp bx, dx 0x0000000d jne 00007F8D48A28187h 0x0000000f push dword ptr [esp+04h] 0x00000013 jmp 00007F8D48A28212h 0x00000015 cmp al, cl 0x00000017 call 00007F8D48A2864Ch 0x0000001c cmp cl, bl 0x0000001e mov ebx, dword ptr [esp+04h] 0x00000022 xor ecx, ecx 0x00000024 test ecx, DBADF924h 0x0000002a add ecx, 02h 0x0000002d cmp word ptr [ebx+ecx], 0000h 0x00000032 jne 00007F8D48A281F8h 0x00000034 add ecx, 02h 0x00000037 cmp word ptr [ebx+ecx], 0000h 0x0000003c jne 00007F8D48A281F8h 0x0000003e add ecx, 02h 0x00000041 cmp word ptr [ebx+ecx], 0000h 0x00000046 jne 00007F8D48A281F8h 0x00000048 add ecx, 02h 0x0000004b cmp word ptr [ebx+ecx], 0000h 0x00000050 jne 00007F8D48A281F8h 0x00000052 add ecx, 02h 0x00000055 cmp word ptr [ebx+ecx], 0000h 0x0000005a jne 00007F8D48A281F8h 0x0000005c add ecx, 02h 0x0000005f cmp word ptr [ebx+ecx], 0000h 0x00000064 jne 00007F8D48A281F8h 0x00000066 add ecx, 02h 0x00000069 cmp word ptr [ebx+ecx], 0000h 0x0000006e jne 00007F8D48A281F8h 0x00000070 test dx, dx 0x00000073 retn 0004h 0x00000076 jmp 00007F8D48A28212h 0x00000078 cmp dl, cl 0x0000007a sub ecx, 02h 0x0000007d add eax, 02h 0x00000080 jmp 00007F8D48A28216h 0x00000082 cmp ax, 0000C33Eh 0x00000086 mov bx, word ptr [eax+ecx] 0x0000008a mov dx, word ptr [esi+ecx] 0x0000008e jmp 00007F8D48A28212h 0x00000090 pushad 0x00000091 rdtsc |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A59EB second address: 00000000020A59EB instructions: |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 00000000020A559F second address: 00000000020A559F instructions: |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 0000000000560153 second address: 0000000000560297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D488E6046h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D488E6042h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D488E6042h 0x0000002c cld 0x0000002d jmp 00007F8D488E6042h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D488E6046h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D488E6046h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D488E6042h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D488E6046h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D488E6042h 0x00000044 jmp 00007F8D488E6050h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D488E6046h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D488E6046h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\Desktop\SecuriteInfo.com.__vbaHresultCheckObj.9138.exe |
RDTSC instruction interceptor: First address: 0000000000561732 second address: 0000000000561732 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a mov byte ptr [eax+ecx-01h], 0000005Eh 0x0000000f cmp cx, dx 0x00000012 xor byte ptr [eax+ecx-01h], 00000026h 0x00000017 xor byte ptr [eax+ecx-01h], 00000076h 0x0000001c cmp bl, 0000005Bh 0x0000001f add byte ptr [eax+ecx-01h], FFFFFFF2h 0x00000024 dec ecx 0x00000025 cmp ecx, 00000000h 0x00000028 jne 00007F8D48A281D7h 0x0000002a pushad 0x0000002b rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F0153 second address: 00000000021F0297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D488E6046h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D488E6042h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D488E6042h 0x0000002c cld 0x0000002d jmp 00007F8D488E6042h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D488E6046h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D488E6046h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D488E6042h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D488E6046h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D488E6042h 0x00000044 jmp 00007F8D488E6050h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D488E6046h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D488E6046h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F5F52 second address: 00000000021F6004 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a popad 0x0000000b pushad 0x0000000c cmp dl, 0000005Fh 0x0000000f cmp dword ptr [ebp+0000013Ch], 00000000h 0x00000016 jne 00007F8D48A2841Bh 0x0000001c jmp 00007F8D48A28216h 0x0000001e test eax, eax 0x00000020 mov eax, 86EE1AF5h 0x00000025 test bl, bl 0x00000027 xor eax, BD4846E4h 0x0000002c xor eax, 21283749h 0x00000031 xor eax, 1A8E6E61h 0x00000036 cmp dx, cx 0x00000039 mov dword ptr [ebp+00000182h], edx 0x0000003f mov edx, 115ADCC7h 0x00000044 cmp edx, edx 0x00000046 test ebx, ecx 0x00000048 sub edx, D410C907h 0x0000004e xor edx, A788CB95h 0x00000054 jmp 00007F8D48A28216h 0x00000056 test cl, FFFFFF97h 0x00000059 xor edx, 9AC2D839h 0x0000005f push edx 0x00000060 cmp cl, bl 0x00000062 mov edx, dword ptr [ebp+00000182h] 0x00000068 mov dword ptr [ebp+00000177h], edi 0x0000006e mov edi, 5BE1273Ch 0x00000073 xor edi, 5A5059E2h 0x00000079 test cl, cl 0x0000007b xor edi, 6B9E11F2h 0x00000081 cmp ecx, eax 0x00000083 xor edi, 064B1B42h 0x00000089 pushad 0x0000008a rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F6004 second address: 00000000021F6004 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B40153 second address: 0000000002B40297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D48A28216h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D48A28212h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D48A28212h 0x0000002c cld 0x0000002d jmp 00007F8D48A28212h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D48A28216h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D48A28216h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D48A28212h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D48A28216h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D48A28212h 0x00000044 jmp 00007F8D48A28220h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D48A28216h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D48A28216h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B45F52 second address: 0000000002B46004 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a popad 0x0000000b pushad 0x0000000c cmp dl, 0000005Fh 0x0000000f cmp dword ptr [ebp+0000013Ch], 00000000h 0x00000016 jne 00007F8D488E624Bh 0x0000001c jmp 00007F8D488E6046h 0x0000001e test eax, eax 0x00000020 mov eax, 86EE1AF5h 0x00000025 test bl, bl 0x00000027 xor eax, BD4846E4h 0x0000002c xor eax, 21283749h 0x00000031 xor eax, 1A8E6E61h 0x00000036 cmp dx, cx 0x00000039 mov dword ptr [ebp+00000182h], edx 0x0000003f mov edx, 115ADCC7h 0x00000044 cmp edx, edx 0x00000046 test ebx, ecx 0x00000048 sub edx, D410C907h 0x0000004e xor edx, A788CB95h 0x00000054 jmp 00007F8D488E6046h 0x00000056 test cl, FFFFFF97h 0x00000059 xor edx, 9AC2D839h 0x0000005f push edx 0x00000060 cmp cl, bl 0x00000062 mov edx, dword ptr [ebp+00000182h] 0x00000068 mov dword ptr [ebp+00000177h], edi 0x0000006e mov edi, 5BE1273Ch 0x00000073 xor edi, 5A5059E2h 0x00000079 test cl, cl 0x0000007b xor edi, 6B9E11F2h 0x00000081 cmp ecx, eax 0x00000083 xor edi, 064B1B42h 0x00000089 pushad 0x0000008a rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B46004 second address: 0000000002B46004 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A0153 second address: 00000000020A0297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D488E6046h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D488E6042h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D488E6042h 0x0000002c cld 0x0000002d jmp 00007F8D488E6042h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D488E6046h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D488E6046h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D488E6042h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D488E6046h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D488E6042h 0x00000044 jmp 00007F8D488E6050h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D488E6046h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D488E6046h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A5F52 second address: 00000000020A6004 instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a popad 0x0000000b pushad 0x0000000c cmp dl, 0000005Fh 0x0000000f cmp dword ptr [ebp+0000013Ch], 00000000h 0x00000016 jne 00007F8D48A2841Bh 0x0000001c jmp 00007F8D48A28216h 0x0000001e test eax, eax 0x00000020 mov eax, 86EE1AF5h 0x00000025 test bl, bl 0x00000027 xor eax, BD4846E4h 0x0000002c xor eax, 21283749h 0x00000031 xor eax, 1A8E6E61h 0x00000036 cmp dx, cx 0x00000039 mov dword ptr [ebp+00000182h], edx 0x0000003f mov edx, 115ADCC7h 0x00000044 cmp edx, edx 0x00000046 test ebx, ecx 0x00000048 sub edx, D410C907h 0x0000004e xor edx, A788CB95h 0x00000054 jmp 00007F8D48A28216h 0x00000056 test cl, FFFFFF97h 0x00000059 xor edx, 9AC2D839h 0x0000005f push edx 0x00000060 cmp cl, bl 0x00000062 mov edx, dword ptr [ebp+00000182h] 0x00000068 mov dword ptr [ebp+00000177h], edi 0x0000006e mov edi, 5BE1273Ch 0x00000073 xor edi, 5A5059E2h 0x00000079 test cl, cl 0x0000007b xor edi, 6B9E11F2h 0x00000081 cmp ecx, eax 0x00000083 xor edi, 064B1B42h 0x00000089 pushad 0x0000008a rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A6004 second address: 00000000020A6004 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F8DD5 second address: 00000000021F8DD5 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F5EBF second address: 00000000021F5EBF instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F7A03 second address: 00000000021F7A03 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a cmp bx, dx 0x0000000d jne 00007F8D48A28187h 0x0000000f push dword ptr [esp+04h] 0x00000013 jmp 00007F8D48A28212h 0x00000015 cmp al, cl 0x00000017 call 00007F8D48A2864Ch 0x0000001c cmp cl, bl 0x0000001e mov ebx, dword ptr [esp+04h] 0x00000022 xor ecx, ecx 0x00000024 test ecx, DBADF924h 0x0000002a add ecx, 02h 0x0000002d cmp word ptr [ebx+ecx], 0000h 0x00000032 jne 00007F8D48A281F8h 0x00000034 add ecx, 02h 0x00000037 cmp word ptr [ebx+ecx], 0000h 0x0000003c jne 00007F8D48A281F8h 0x0000003e add ecx, 02h 0x00000041 cmp word ptr [ebx+ecx], 0000h 0x00000046 jne 00007F8D48A281F8h 0x00000048 add ecx, 02h 0x0000004b cmp word ptr [ebx+ecx], 0000h 0x00000050 jne 00007F8D48A281F8h 0x00000052 add ecx, 02h 0x00000055 cmp word ptr [ebx+ecx], 0000h 0x0000005a jne 00007F8D48A281F8h 0x0000005c add ecx, 02h 0x0000005f cmp word ptr [ebx+ecx], 0000h 0x00000064 jne 00007F8D48A281F8h 0x00000066 add ecx, 02h 0x00000069 cmp word ptr [ebx+ecx], 0000h 0x0000006e jne 00007F8D48A281F8h 0x00000070 test dx, dx 0x00000073 retn 0004h 0x00000076 jmp 00007F8D48A28212h 0x00000078 cmp dl, cl 0x0000007a sub ecx, 02h 0x0000007d add eax, 02h 0x00000080 jmp 00007F8D48A28216h 0x00000082 cmp ax, 0000C33Eh 0x00000086 mov bx, word ptr [eax+ecx] 0x0000008a mov dx, word ptr [esi+ecx] 0x0000008e jmp 00007F8D48A28212h 0x00000090 pushad 0x00000091 rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F59EB second address: 00000000021F59EB instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000021F559F second address: 00000000021F559F instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000000560153 second address: 0000000000560297 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 jmp 00007F8D488E6046h 0x00000005 test dl, bl 0x00000007 mov dword ptr [ebp-29h], edi 0x0000000a mov edi, 0B6FB570h 0x0000000f sub edi, 3B5E49F8h 0x00000015 xor edi, 6B2CFFD1h 0x0000001b sub edi, BB3D91A9h 0x00000021 sub esp, edi 0x00000023 mov edi, dword ptr [ebp-29h] 0x00000026 jmp 00007F8D488E6042h 0x00000028 test cl, cl 0x0000002a jmp 00007F8D488E6042h 0x0000002c cld 0x0000002d jmp 00007F8D488E6042h 0x0000002f cmp edx, ebx 0x00000031 jmp 00007F8D488E6046h 0x00000033 test dl, bl 0x00000035 jmp 00007F8D488E6046h 0x00000037 test ch, bh 0x00000039 jmp 00007F8D488E6042h 0x0000003b cmp edx, edx 0x0000003d push ebp 0x0000003e jmp 00007F8D488E6046h 0x00000040 test ah, bh 0x00000042 jmp 00007F8D488E6042h 0x00000044 jmp 00007F8D488E6050h 0x00000046 mov ebp, esp 0x00000048 jmp 00007F8D488E6046h 0x0000004a cmp cl, cl 0x0000004c mov dword ptr [ebp+0000013Ch], 00000000h 0x00000056 jmp 00007F8D488E6046h 0x00000058 pushad 0x00000059 mov eax, 000000AEh 0x0000005e rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B48DD5 second address: 0000000002B48DD5 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B45EBF second address: 0000000002B45EBF instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B47A03 second address: 0000000002B47A03 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a cmp bx, dx 0x0000000d jne 00007F8D48A28187h 0x0000000f push dword ptr [esp+04h] 0x00000013 jmp 00007F8D48A28212h 0x00000015 cmp al, cl 0x00000017 call 00007F8D48A2864Ch 0x0000001c cmp cl, bl 0x0000001e mov ebx, dword ptr [esp+04h] 0x00000022 xor ecx, ecx 0x00000024 test ecx, DBADF924h 0x0000002a add ecx, 02h 0x0000002d cmp word ptr [ebx+ecx], 0000h 0x00000032 jne 00007F8D48A281F8h 0x00000034 add ecx, 02h 0x00000037 cmp word ptr [ebx+ecx], 0000h 0x0000003c jne 00007F8D48A281F8h 0x0000003e add ecx, 02h 0x00000041 cmp word ptr [ebx+ecx], 0000h 0x00000046 jne 00007F8D48A281F8h 0x00000048 add ecx, 02h 0x0000004b cmp word ptr [ebx+ecx], 0000h 0x00000050 jne 00007F8D48A281F8h 0x00000052 add ecx, 02h 0x00000055 cmp word ptr [ebx+ecx], 0000h 0x0000005a jne 00007F8D48A281F8h 0x0000005c add ecx, 02h 0x0000005f cmp word ptr [ebx+ecx], 0000h 0x00000064 jne 00007F8D48A281F8h 0x00000066 add ecx, 02h 0x00000069 cmp word ptr [ebx+ecx], 0000h 0x0000006e jne 00007F8D48A281F8h 0x00000070 test dx, dx 0x00000073 retn 0004h 0x00000076 jmp 00007F8D48A28212h 0x00000078 cmp dl, cl 0x0000007a sub ecx, 02h 0x0000007d add eax, 02h 0x00000080 jmp 00007F8D48A28216h 0x00000082 cmp ax, 0000C33Eh 0x00000086 mov bx, word ptr [eax+ecx] 0x0000008a mov dx, word ptr [esi+ecx] 0x0000008e jmp 00007F8D48A28212h 0x00000090 pushad 0x00000091 rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B459EB second address: 0000000002B459EB instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000002B4559F second address: 0000000002B4559F instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A8DD5 second address: 00000000020A8DD5 instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A5EBF second address: 00000000020A5EBF instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A7A03 second address: 00000000020A7A03 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a cmp bx, dx 0x0000000d jne 00007F8D48A28187h 0x0000000f push dword ptr [esp+04h] 0x00000013 jmp 00007F8D48A28212h 0x00000015 cmp al, cl 0x00000017 call 00007F8D48A2864Ch 0x0000001c cmp cl, bl 0x0000001e mov ebx, dword ptr [esp+04h] 0x00000022 xor ecx, ecx 0x00000024 test ecx, DBADF924h 0x0000002a add ecx, 02h 0x0000002d cmp word ptr [ebx+ecx], 0000h 0x00000032 jne 00007F8D48A281F8h 0x00000034 add ecx, 02h 0x00000037 cmp word ptr [ebx+ecx], 0000h 0x0000003c jne 00007F8D48A281F8h 0x0000003e add ecx, 02h 0x00000041 cmp word ptr [ebx+ecx], 0000h 0x00000046 jne 00007F8D48A281F8h 0x00000048 add ecx, 02h 0x0000004b cmp word ptr [ebx+ecx], 0000h 0x00000050 jne 00007F8D48A281F8h 0x00000052 add ecx, 02h 0x00000055 cmp word ptr [ebx+ecx], 0000h 0x0000005a jne 00007F8D48A281F8h 0x0000005c add ecx, 02h 0x0000005f cmp word ptr [ebx+ecx], 0000h 0x00000064 jne 00007F8D48A281F8h 0x00000066 add ecx, 02h 0x00000069 cmp word ptr [ebx+ecx], 0000h 0x0000006e jne 00007F8D48A281F8h 0x00000070 test dx, dx 0x00000073 retn 0004h 0x00000076 jmp 00007F8D48A28212h 0x00000078 cmp dl, cl 0x0000007a sub ecx, 02h 0x0000007d add eax, 02h 0x00000080 jmp 00007F8D48A28216h 0x00000082 cmp ax, 0000C33Eh 0x00000086 mov bx, word ptr [eax+ecx] 0x0000008a mov dx, word ptr [esi+ecx] 0x0000008e jmp 00007F8D48A28212h 0x00000090 pushad 0x00000091 rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A59EB second address: 00000000020A59EB instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 00000000020A559F second address: 00000000020A559F instructions: |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000000561732 second address: 0000000000561732 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a mov byte ptr [eax+ecx-01h], 0000005Eh 0x0000000f cmp cx, dx 0x00000012 xor byte ptr [eax+ecx-01h], 00000026h 0x00000017 xor byte ptr [eax+ecx-01h], 00000076h 0x0000001c cmp bl, 0000005Bh 0x0000001f add byte ptr [eax+ecx-01h], FFFFFFF2h 0x00000024 dec ecx 0x00000025 cmp ecx, 00000000h 0x00000028 jne 00007F8D48A281D7h 0x0000002a pushad 0x0000002b rdtsc |
| Source: C:\Users\user\AppData\Roaming\win.exe |
RDTSC instruction interceptor: First address: 0000000000561732 second address: 0000000000561732 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a mov byte ptr [eax+ecx-01h], 0000005Eh 0x0000000f cmp cx, dx 0x00000012 xor byte ptr [eax+ecx-01h], 00000026h 0x00000017 xor byte ptr [eax+ecx-01h], 00000076h 0x0000001c cmp bl, 0000005Bh 0x0000001f add byte ptr [eax+ecx-01h], FFFFFFF2h 0x00000024 dec ecx 0x00000025 cmp ecx, 00000000h 0x00000028 jne 00007F8D488E6007h 0x0000002a pushad 0x0000002b rdtsc |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet