Source: RICHIESTA DI OFFERTA.exe |
Virustotal: Detection: 20% |
Source: RICHIESTA DI OFFERTA.exe |
Static PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Process Stats: CPU usage > 98% |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Memory allocated: 76E20000 page execute and read and write |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Memory allocated: 76D20000 page execute and read and write |
Source: RICHIESTA DI OFFERTA.exe |
Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST |
Source: RICHIESTA DI OFFERTA.exe, 00000000.00000002.2202591011.0000000000435000.00000002.00020000.sdmp |
Binary or memory string: OriginalFilenameIndtr8.exe vs RICHIESTA DI OFFERTA.exe |
Source: RICHIESTA DI OFFERTA.exe, 00000000.00000002.2202689070.00000000004C0000.00000008.00000001.sdmp |
Binary or memory string: OriginalFilenameuser32j% vs RICHIESTA DI OFFERTA.exe |
Source: RICHIESTA DI OFFERTA.exe |
Binary or memory string: OriginalFilenameIndtr8.exe vs RICHIESTA DI OFFERTA.exe |
Source: classification engine |
Classification label: mal56.evad.winEXE@1/0@0/0 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
File created: C:\Users\user\AppData\Local\Temp\~DF92EF296CBEA58232.TMP |
Source: RICHIESTA DI OFFERTA.exe |
Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Section loaded: C:\Windows\SysWOW64\msvbvm60.dll |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_0040C06E push 00000000h; retf |
0_2_0040C0B0 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_00406625 push ebp; iretd |
0_2_0040662F |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCD1CB push FFFFFFB9h; retf |
0_2_01DCD1CD |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCD1F3 push FFFFFFB9h; retf |
0_2_01DCD1F5 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCE73F push edi; ret |
0_2_01DCE741 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
RDTSC instruction interceptor: First address: 0000000001DCE352 second address: 0000000001DCE352 instructions: |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCC5DB rdtsc |
0_2_01DCC5DB |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCC5DB mov eax, dword ptr fs:[00000030h] |
0_2_01DCC5DB |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCC567 mov eax, dword ptr fs:[00000030h] |
0_2_01DCC567 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCC563 mov eax, dword ptr fs:[00000030h] |
0_2_01DCC563 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Code function: 0_2_01DCCD39 cpuid |
0_2_01DCCD39 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe |
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid |