Source: RICHIESTA DI OFFERTA.exe | Virustotal: Detection: 20% |
Source: RICHIESTA DI OFFERTA.exe | Static PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Process Stats: CPU usage > 98% |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Memory allocated: 76E20000 page execute and read and write |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Memory allocated: 76D20000 page execute and read and write |
Source: RICHIESTA DI OFFERTA.exe | Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST |
Source: RICHIESTA DI OFFERTA.exe, 00000000.00000002.2202591011.0000000000435000.00000002.00020000.sdmp | Binary or memory string: OriginalFilenameIndtr8.exe vs RICHIESTA DI OFFERTA.exe |
Source: RICHIESTA DI OFFERTA.exe, 00000000.00000002.2202689070.00000000004C0000.00000008.00000001.sdmp | Binary or memory string: OriginalFilenameuser32j% vs RICHIESTA DI OFFERTA.exe |
Source: RICHIESTA DI OFFERTA.exe | Binary or memory string: OriginalFilenameIndtr8.exe vs RICHIESTA DI OFFERTA.exe |
Source: classification engine | Classification label: mal56.evad.winEXE@1/0@0/0 |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | File created: C:\Users\user\AppData\Local\Temp\~DF92EF296CBEA58232.TMP |
Source: RICHIESTA DI OFFERTA.exe | Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Section loaded: C:\Windows\SysWOW64\msvbvm60.dll |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_0040C06E push 00000000h; retf |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_00406625 push ebp; iretd |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCD1CB push FFFFFFB9h; retf |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCD1F3 push FFFFFFB9h; retf |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCE73F push edi; ret |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | RDTSC instruction interceptor: First address: 0000000001DCE352 second address: 0000000001DCE352 instructions: |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCC5DB rdtsc |
Source: all processes | Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCC5DB mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCC567 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCC563 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Code function: 0_2_01DCCD39 cpuid |
Source: C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe | Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid |