Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp | String found in binary or memory: http://127.0.0.1:HTTP/1.1 |
Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp | String found in binary or memory: http://DynDns.comDynDNS |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmp | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: http://crl.comodoca.com/cPanelIncCertificationAuthority.crl0 |
Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1969551904.0000000001381000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655175240.000000001E060000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655609885.000000001E08E000.00000004.00000001.sdmp | String found in binary or memory: http://isQqqrU1x3qSl4S.net |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: http://mail.reyesyasociados.com |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: http://ocsp.comodoca.com0 |
Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp | String found in binary or memory: http://omoYjp.com |
Source: RegAsm.exe, 00000010.00000003.1053028532.0000000001334000.00000004.00000001.sdmp | String found in binary or memory: https://csp.withgoogle.com/csp/drive-explorer/ |
Source: RegAsm.exe, 00000010.00000002.5633250471.00000000012CE000.00000004.00000020.sdmp | String found in binary or memory: https://doc-0o-50-docs.googleusercontent.com/ |
Source: RegAsm.exe, 00000010.00000003.1057519355.000000000134A000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1053028532.0000000001334000.00000004.00000001.sdmp | String found in binary or memory: https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2p |
Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmp | String found in binary or memory: https://drive.google.com/ |
Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmp | String found in binary or memory: https://drive.google.com/OxH |
Source: RegAsm.exe, 00000010.00000003.1056702167.00000000012FC000.00000004.00000001.sdmp | String found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g |
Source: RegAsm.exe, 00000010.00000003.1056702167.00000000012FC000.00000004.00000001.sdmp | String found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gE |
Source: RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmp | String found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gwininet.dllMozilla/5 |
Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmp | String found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gzgV |
Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmp | String found in binary or memory: https://sectigo.com/CPS0 |
Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp | String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E41130 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E43A50 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E4BA58 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E44320 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E4C7B8 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E43708 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E56AC8 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E50890 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_01157C90 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_0115BF78 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_0115AE68 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_01156518 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_01151D28 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_0115B710 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011CB5B0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011CA1D0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011CE038 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011C3C68 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011CDA20 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011C2AF0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011C89B8 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011C7E48 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D395550 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D393588 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D390040 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D395F60 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D39A510 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D39003F |
Source: unknown | Process created: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_00405846 push edi; retf |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_00405D7E push edx; iretd |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_00402B90 push ebx; retf |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_02254672 push ds; iretd |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_022546F2 push ds; iretd |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_022506CA push 00000060h; ret |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_02256314 push eax; iretd |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Code function: 5_2_022505C9 push ecx; retf |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_00E45EE9 push ebx; iretd |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_011CCE60 push 796C0114h; iretd |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D395500 push edi; iretd |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Code function: 16_2_1D394438 pushfd ; ret |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | File created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\System32\conhost.exe | Process information set: NOOPENFILEERRORBOX |
Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmp | Binary or memory string: Hyper-V RAW< |
Source: RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmp | Binary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gwininet.dllMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko |
Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmp | Binary or memory string: Hyper-V RAW |
Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmp | Binary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=windir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dll |
Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmp | Binary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe |
Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmp | Binary or memory string: Hyper-V RAW@ |
Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1079503011.00000000005F4000.00000004.00000020.sdmp | Binary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exe |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |