Source: icudt63.dll.txt |
Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL |
Source: icudt63.dll.txt |
Static PE information: NO_SEH, DYNAMIC_BASE, NX_COMPAT |
Source: icudt63.dll.txt |
String found in binary or memory: http://www.unicode.org/copyright.html |
Source: icudt63.dll.txt |
Static PE information: invalid certificate |
Source: icudt63.dll.txt |
Static PE information: No import functions for PE file found |
Source: icudt63.dll.txt |
Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL |
Source: classification engine |
Classification label: clean2.winTXT@1/0@0/0 |
Source: C:\Windows\System32\notepad.exe |
Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Jump to behavior |
Source: C:\Windows\System32\notepad.exe |
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11659a23-5884-4d1b-9cf6-67d6f4f90b36}\InProcServer32 |
Jump to behavior |
Source: icudt63.dll.txt |
Static file information: File size 27192000 > 1048576 |
Source: icudt63.dll.txt |
Static PE information: Raw size of .rdata is bigger than: 0x100000 < 0x19ebe00 |
Source: icudt63.dll.txt |
Static PE information: NO_SEH, DYNAMIC_BASE, NX_COMPAT |
Source: icudt63.dll.txt |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: icudt63.dll.txt |
Static PE information: real checksum: 0x19fc019 should be: |
Source: notepad.exe, 00000000.00000002.464528916.0000022867890000.00000002.00000001.sdmp |
Binary or memory string: Program Manager |
Source: notepad.exe, 00000000.00000002.464528916.0000022867890000.00000002.00000001.sdmp |
Binary or memory string: Shell_TrayWnd |
Source: notepad.exe, 00000000.00000002.464528916.0000022867890000.00000002.00000001.sdmp |
Binary or memory string: Progman |
Source: notepad.exe, 00000000.00000002.464528916.0000022867890000.00000002.00000001.sdmp |
Binary or memory string: Progmanlock |
Source: C:\Windows\System32\notepad.exe |
Queries volume information: C:\Users\user\Desktop\icudt63.dll.txt VolumeInformation |
Jump to behavior |