Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140034870 | 0_2_0000000140034870 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140035270 | 0_2_0000000140035270 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140048AC0 | 0_2_0000000140048AC0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014005C340 | 0_2_000000014005C340 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140065B80 | 0_2_0000000140065B80 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006A4B0 | 0_2_000000014006A4B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400524B0 | 0_2_00000001400524B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140026CC0 | 0_2_0000000140026CC0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014004BD40 | 0_2_000000014004BD40 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400495B0 | 0_2_00000001400495B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140036F30 | 0_2_0000000140036F30 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140069010 | 0_2_0000000140069010 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140001010 | 0_2_0000000140001010 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140066020 | 0_2_0000000140066020 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002F840 | 0_2_000000014002F840 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014005D850 | 0_2_000000014005D850 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140064080 | 0_2_0000000140064080 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140010880 | 0_2_0000000140010880 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400688A0 | 0_2_00000001400688A0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002D0D0 | 0_2_000000014002D0D0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400018D0 | 0_2_00000001400018D0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140016100 | 0_2_0000000140016100 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014001D100 | 0_2_000000014001D100 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002A110 | 0_2_000000014002A110 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014001D910 | 0_2_000000014001D910 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140015120 | 0_2_0000000140015120 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014000B120 | 0_2_000000014000B120 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014004F940 | 0_2_000000014004F940 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140039140 | 0_2_0000000140039140 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140023140 | 0_2_0000000140023140 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140057950 | 0_2_0000000140057950 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014001E170 | 0_2_000000014001E170 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140002980 | 0_2_0000000140002980 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400611A0 | 0_2_00000001400611A0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400389A0 | 0_2_00000001400389A0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400381A0 | 0_2_00000001400381A0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002E1B0 | 0_2_000000014002E1B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400139D0 | 0_2_00000001400139D0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400319F0 | 0_2_00000001400319F0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002EA00 | 0_2_000000014002EA00 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140022A00 | 0_2_0000000140022A00 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014003B220 | 0_2_000000014003B220 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140067A40 | 0_2_0000000140067A40 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140069A50 | 0_2_0000000140069A50 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140007A60 | 0_2_0000000140007A60 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014003AAC0 | 0_2_000000014003AAC0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014003A2E0 | 0_2_000000014003A2E0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140062B00 | 0_2_0000000140062B00 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140018300 | 0_2_0000000140018300 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002FB20 | 0_2_000000014002FB20 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140031340 | 0_2_0000000140031340 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140022340 | 0_2_0000000140022340 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140017B40 | 0_2_0000000140017B40 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014000BB40 | 0_2_000000014000BB40 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014004EB60 | 0_2_000000014004EB60 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140005370 | 0_2_0000000140005370 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002CB80 | 0_2_000000014002CB80 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B390 | 0_2_000000014006B390 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140054BA0 | 0_2_0000000140054BA0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140033BB0 | 0_2_0000000140033BB0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400263C0 | 0_2_00000001400263C0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400123C0 | 0_2_00000001400123C0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140063BD0 | 0_2_0000000140063BD0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400663F0 | 0_2_00000001400663F0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140023BF0 | 0_2_0000000140023BF0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B41B | 0_2_000000014006B41B |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B424 | 0_2_000000014006B424 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B42D | 0_2_000000014006B42D |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B436 | 0_2_000000014006B436 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B43D | 0_2_000000014006B43D |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140024440 | 0_2_0000000140024440 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140005C40 | 0_2_0000000140005C40 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014006B446 | 0_2_000000014006B446 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014005F490 | 0_2_000000014005F490 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140022D00 | 0_2_0000000140022D00 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140035520 | 0_2_0000000140035520 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140019D20 | 0_2_0000000140019D20 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140030530 | 0_2_0000000140030530 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140023530 | 0_2_0000000140023530 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140031540 | 0_2_0000000140031540 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140033540 | 0_2_0000000140033540 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014007BD50 | 0_2_000000014007BD50 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140078570 | 0_2_0000000140078570 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140019580 | 0_2_0000000140019580 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400205A0 | 0_2_00000001400205A0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140025DB0 | 0_2_0000000140025DB0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140071DC0 | 0_2_0000000140071DC0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014000C5C0 | 0_2_000000014000C5C0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002DDE0 | 0_2_000000014002DDE0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140031DF0 | 0_2_0000000140031DF0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014000DDF0 | 0_2_000000014000DDF0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140001620 | 0_2_0000000140001620 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140018630 | 0_2_0000000140018630 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140032650 | 0_2_0000000140032650 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140064E80 | 0_2_0000000140064E80 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140016E80 | 0_2_0000000140016E80 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140007EA0 | 0_2_0000000140007EA0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400286B0 | 0_2_00000001400286B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140006EB0 | 0_2_0000000140006EB0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400276C0 | 0_2_00000001400276C0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002FEC0 | 0_2_000000014002FEC0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002EED0 | 0_2_000000014002EED0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014002B6E0 | 0_2_000000014002B6E0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140053F20 | 0_2_0000000140053F20 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140022730 | 0_2_0000000140022730 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140029780 | 0_2_0000000140029780 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140018F80 | 0_2_0000000140018F80 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_000000014003EFB0 | 0_2_000000014003EFB0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400067B0 | 0_2_00000001400067B0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_00000001400667D0 | 0_2_00000001400667D0 |
Source: C:\Windows\System32\loaddll64.exe | Code function: 0_2_0000000140060FE0 | 0_2_0000000140060FE0 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249BA5C8 | 17_2_00007FF6249BA5C8 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249B6218 | 17_2_00007FF6249B6218 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249BA1A0 | 17_2_00007FF6249BA1A0 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249C3718 | 17_2_00007FF6249C3718 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249B8310 | 17_2_00007FF6249B8310 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249C4F10 | 17_2_00007FF6249C4F10 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249C2BD8 | 17_2_00007FF6249C2BD8 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249C03A0 | 17_2_00007FF6249C03A0 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249B44E8 | 17_2_00007FF6249B44E8 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249CC4D0 | 17_2_00007FF6249CC4D0 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249B3514 | 17_2_00007FF6249B3514 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249C0CA8 | 17_2_00007FF6249C0CA8 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249B3080 | 17_2_00007FF6249B3080 |
Source: C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Code function: 17_2_00007FF6249CB088 | 17_2_00007FF6249CB088 |
Source: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Code function: 20_2_00007FF68D872EF4 | 20_2_00007FF68D872EF4 |
Source: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Code function: 20_2_00007FF68D888850 | 20_2_00007FF68D888850 |
Source: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Code function: 20_2_00007FF68D888E2C | 20_2_00007FF68D888E2C |
Source: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Code function: 20_2_00007FF68D87139C | 20_2_00007FF68D87139C |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB4BD14 | 30_2_00007FF71BB4BD14 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB6FC59 | 30_2_00007FF71BB6FC59 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAFDC44 | 30_2_00007FF71BAFDC44 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB6DB6C | 30_2_00007FF71BB6DB6C |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB31AD4 | 30_2_00007FF71BB31AD4 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB57A20 | 30_2_00007FF71BB57A20 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB37A00 | 30_2_00007FF71BB37A00 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BACB928 | 30_2_00007FF71BACB928 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB4F920 | 30_2_00007FF71BB4F920 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BACA058 | 30_2_00007FF71BACA058 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB6BFEC | 30_2_00007FF71BB6BFEC |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB5BF88 | 30_2_00007FF71BB5BF88 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB35F08 | 30_2_00007FF71BB35F08 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB2BE58 | 30_2_00007FF71BB2BE58 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAC3D38 | 30_2_00007FF71BAC3D38 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB67460 | 30_2_00007FF71BB67460 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB19484 | 30_2_00007FF71BB19484 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB2B454 | 30_2_00007FF71BB2B454 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB5137C | 30_2_00007FF71BB5137C |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAF72C8 | 30_2_00007FF71BAF72C8 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB3B26C | 30_2_00007FF71BB3B26C |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAF3260 | 30_2_00007FF71BAF3260 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB55190 | 30_2_00007FF71BB55190 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB4B124 | 30_2_00007FF71BB4B124 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB5B14C | 30_2_00007FF71BB5B14C |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB6D7A2 | 30_2_00007FF71BB6D7A2 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB5D788 | 30_2_00007FF71BB5D788 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB2D6B0 | 30_2_00007FF71BB2D6B0 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB2CCFC | 30_2_00007FF71BB2CCFC |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAFED00 | 30_2_00007FF71BAFED00 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BAE4CDC | 30_2_00007FF71BAE4CDC |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB50C44 | 30_2_00007FF71BB50C44 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB289F4 | 30_2_00007FF71BB289F4 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB5A998 | 30_2_00007FF71BB5A998 |
Source: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Code function: 30_2_00007FF71BB16948 | 30_2_00007FF71BB16948 |
Source: C:\Users\user\AppData\Local\2oEy\tcmsetup.exe | Code function: 33_2_00007FF6E3311A38 | 33_2_00007FF6E3311A38 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF21C9C | 36_2_00007FF68AF21C9C |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF214A0 | 36_2_00007FF68AF214A0 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF134D8 | 36_2_00007FF68AF134D8 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF18348 | 36_2_00007FF68AF18348 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF21F68 | 36_2_00007FF68AF21F68 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF2340C | 36_2_00007FF68AF2340C |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF1AE8C | 36_2_00007FF68AF1AE8C |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF20A94 | 36_2_00007FF68AF20A94 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF17B1C | 36_2_00007FF68AF17B1C |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF16954 | 36_2_00007FF68AF16954 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF191AC | 36_2_00007FF68AF191AC |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF221C4 | 36_2_00007FF68AF221C4 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF15A34 | 36_2_00007FF68AF15A34 |
Source: C:\Users\user\AppData\Local\NakOm\wscript.exe | Code function: 36_2_00007FF68AF21A34 | 36_2_00007FF68AF21A34 |
Source: C:\Users\user\AppData\Local\Uh9eo\BitLockerWizardElev.exe | Code function: 38_2_00007FF6173E1098 | 38_2_00007FF6173E1098 |
Source: C:\Users\user\AppData\Local\mFxP\upfc.exe | Code function: 40_2_00007FF7299C0C98 | 40_2_00007FF7299C0C98 |
Source: C:\Users\user\AppData\Local\mFxP\upfc.exe | Code function: 40_2_00007FF7299B3320 | 40_2_00007FF7299B3320 |
Source: unknown | Process created: C:\Windows\System32\loaddll64.exe loaddll64.exe 'C:\Users\user\Desktop\Y7KrNvSxWx.dll' | |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\Y7KrNvSxWx.dll',#1 | |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,CloseDriver | |
Source: C:\Windows\System32\cmd.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\Y7KrNvSxWx.dll',#1 | |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,DefDriverProc | |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,DriverCallback | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SndVol.exe C:\Windows\system32\SndVol.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\KXZtu\SndVol.exe C:\Users\user\AppData\Local\KXZtu\SndVol.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\bdeunlock.exe C:\Windows\system32\bdeunlock.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SystemPropertiesPerformance.exe C:\Windows\system32\SystemPropertiesPerformance.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\UjbH0ZEv\SystemPropertiesPerformance.exe C:\Users\user\AppData\Local\UjbH0ZEv\SystemPropertiesPerformance.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\GamePanel.exe C:\Windows\system32\GamePanel.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\tcmsetup.exe C:\Windows\system32\tcmsetup.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\2oEy\tcmsetup.exe C:\Users\user\AppData\Local\2oEy\tcmsetup.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\NakOm\wscript.exe C:\Users\user\AppData\Local\NakOm\wscript.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\BitLockerWizardElev.exe C:\Windows\system32\BitLockerWizardElev.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\Uh9eo\BitLockerWizardElev.exe C:\Users\user\AppData\Local\Uh9eo\BitLockerWizardElev.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\upfc.exe C:\Windows\system32\upfc.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\mFxP\upfc.exe C:\Users\user\AppData\Local\mFxP\upfc.exe | |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SystemPropertiesDataExecutionPrevention.exe C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe | |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\Y7KrNvSxWx.dll',#1 | Jump to behavior |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,CloseDriver | Jump to behavior |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,DefDriverProc | Jump to behavior |
Source: C:\Windows\System32\loaddll64.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\Y7KrNvSxWx.dll,DriverCallback | Jump to behavior |
Source: C:\Windows\System32\cmd.exe | Process created: C:\Windows\System32\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\Y7KrNvSxWx.dll',#1 | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SndVol.exe C:\Windows\system32\SndVol.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\KXZtu\SndVol.exe C:\Users\user\AppData\Local\KXZtu\SndVol.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\bdeunlock.exe C:\Windows\system32\bdeunlock.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SystemPropertiesPerformance.exe C:\Windows\system32\SystemPropertiesPerformance.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\UjbH0ZEv\SystemPropertiesPerformance.exe C:\Users\user\AppData\Local\UjbH0ZEv\SystemPropertiesPerformance.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\GamePanel.exe C:\Windows\system32\GamePanel.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe C:\Users\user\AppData\Local\cZk0IMu\GamePanel.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\tcmsetup.exe C:\Windows\system32\tcmsetup.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\2oEy\tcmsetup.exe C:\Users\user\AppData\Local\2oEy\tcmsetup.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\NakOm\wscript.exe C:\Users\user\AppData\Local\NakOm\wscript.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\BitLockerWizardElev.exe C:\Windows\system32\BitLockerWizardElev.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\Uh9eo\BitLockerWizardElev.exe C:\Users\user\AppData\Local\Uh9eo\BitLockerWizardElev.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\upfc.exe C:\Windows\system32\upfc.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Users\user\AppData\Local\mFxP\upfc.exe C:\Users\user\AppData\Local\mFxP\upfc.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: C:\Windows\System32\SystemPropertiesDataExecutionPrevention.exe C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: C:\Windows\explorer.exe | Process created: unknown unknown | Jump to behavior |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .qkm |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .cvjb |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .tlmkv |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .wucsxe |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .wnx |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .weqy |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .yby |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .ormx |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .dhclu |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .xmiul |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .tlwcxe |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .get |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .hzrd |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .gulz |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .ybavfq |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .hzccq |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .kmnqh |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .sqadf |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .uans |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .gelkgq |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .jbviw |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .ypg |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .qqs |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .dsy |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .fgy |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .onfp |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .clcj |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .fhc |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .ghxb |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .icyh |
Source: Y7KrNvSxWx.dll | Static PE information: section name: .wguyua |
Source: SndVol.exe.4.dr | Static PE information: section name: .imrsiv |
Source: SndVol.exe.4.dr | Static PE information: section name: .didat |
Source: bdeunlock.exe.4.dr | Static PE information: section name: .imrsiv |
Source: GamePanel.exe.4.dr | Static PE information: section name: .imrsiv |
Source: GamePanel.exe.4.dr | Static PE information: section name: .didat |
Source: FileHistory.exe.4.dr | Static PE information: section name: .nep |
Source: dwmapi.dll.4.dr | Static PE information: section name: .qkm |
Source: dwmapi.dll.4.dr | Static PE information: section name: .cvjb |
Source: dwmapi.dll.4.dr | Static PE information: section name: .tlmkv |
Source: dwmapi.dll.4.dr | Static PE information: section name: .wucsxe |
Source: dwmapi.dll.4.dr | Static PE information: section name: .wnx |
Source: dwmapi.dll.4.dr | Static PE information: section name: .weqy |
Source: dwmapi.dll.4.dr | Static PE information: section name: .yby |
Source: dwmapi.dll.4.dr | Static PE information: section name: .ormx |
Source: dwmapi.dll.4.dr | Static PE information: section name: .dhclu |
Source: dwmapi.dll.4.dr | Static PE information: section name: .xmiul |
Source: dwmapi.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: dwmapi.dll.4.dr | Static PE information: section name: .get |
Source: dwmapi.dll.4.dr | Static PE information: section name: .hzrd |
Source: dwmapi.dll.4.dr | Static PE information: section name: .gulz |
Source: dwmapi.dll.4.dr | Static PE information: section name: .ybavfq |
Source: dwmapi.dll.4.dr | Static PE information: section name: .hzccq |
Source: dwmapi.dll.4.dr | Static PE information: section name: .kmnqh |
Source: dwmapi.dll.4.dr | Static PE information: section name: .sqadf |
Source: dwmapi.dll.4.dr | Static PE information: section name: .uans |
Source: dwmapi.dll.4.dr | Static PE information: section name: .gelkgq |
Source: dwmapi.dll.4.dr | Static PE information: section name: .jbviw |
Source: dwmapi.dll.4.dr | Static PE information: section name: .ypg |
Source: dwmapi.dll.4.dr | Static PE information: section name: .qqs |
Source: dwmapi.dll.4.dr | Static PE information: section name: .dsy |
Source: dwmapi.dll.4.dr | Static PE information: section name: .fgy |
Source: dwmapi.dll.4.dr | Static PE information: section name: .onfp |
Source: dwmapi.dll.4.dr | Static PE information: section name: .clcj |
Source: dwmapi.dll.4.dr | Static PE information: section name: .fhc |
Source: dwmapi.dll.4.dr | Static PE information: section name: .ghxb |
Source: dwmapi.dll.4.dr | Static PE information: section name: .icyh |
Source: dwmapi.dll.4.dr | Static PE information: section name: .wguyua |
Source: dwmapi.dll.4.dr | Static PE information: section name: .mkadq |
Source: DUser.dll.4.dr | Static PE information: section name: .qkm |
Source: DUser.dll.4.dr | Static PE information: section name: .cvjb |
Source: DUser.dll.4.dr | Static PE information: section name: .tlmkv |
Source: DUser.dll.4.dr | Static PE information: section name: .wucsxe |
Source: DUser.dll.4.dr | Static PE information: section name: .wnx |
Source: DUser.dll.4.dr | Static PE information: section name: .weqy |
Source: DUser.dll.4.dr | Static PE information: section name: .yby |
Source: DUser.dll.4.dr | Static PE information: section name: .ormx |
Source: DUser.dll.4.dr | Static PE information: section name: .dhclu |
Source: DUser.dll.4.dr | Static PE information: section name: .xmiul |
Source: DUser.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: DUser.dll.4.dr | Static PE information: section name: .get |
Source: DUser.dll.4.dr | Static PE information: section name: .hzrd |
Source: DUser.dll.4.dr | Static PE information: section name: .gulz |
Source: DUser.dll.4.dr | Static PE information: section name: .ybavfq |
Source: DUser.dll.4.dr | Static PE information: section name: .hzccq |
Source: DUser.dll.4.dr | Static PE information: section name: .kmnqh |
Source: DUser.dll.4.dr | Static PE information: section name: .sqadf |
Source: DUser.dll.4.dr | Static PE information: section name: .uans |
Source: DUser.dll.4.dr | Static PE information: section name: .gelkgq |
Source: DUser.dll.4.dr | Static PE information: section name: .jbviw |
Source: DUser.dll.4.dr | Static PE information: section name: .ypg |
Source: DUser.dll.4.dr | Static PE information: section name: .qqs |
Source: DUser.dll.4.dr | Static PE information: section name: .dsy |
Source: DUser.dll.4.dr | Static PE information: section name: .fgy |
Source: DUser.dll.4.dr | Static PE information: section name: .onfp |
Source: DUser.dll.4.dr | Static PE information: section name: .clcj |
Source: DUser.dll.4.dr | Static PE information: section name: .fhc |
Source: DUser.dll.4.dr | Static PE information: section name: .ghxb |
Source: DUser.dll.4.dr | Static PE information: section name: .icyh |
Source: DUser.dll.4.dr | Static PE information: section name: .wguyua |
Source: DUser.dll.4.dr | Static PE information: section name: .utdog |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .qkm |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .cvjb |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .tlmkv |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .wucsxe |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .wnx |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .weqy |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .yby |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .ormx |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .dhclu |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .xmiul |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .tlwcxe |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .get |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .hzrd |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .gulz |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .ybavfq |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .hzccq |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .kmnqh |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .sqadf |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .uans |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .gelkgq |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .jbviw |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .ypg |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .qqs |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .dsy |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .fgy |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .onfp |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .clcj |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .fhc |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .ghxb |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .icyh |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .wguyua |
Source: SYSDM.CPL.4.dr | Static PE information: section name: .xjg |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .qkm |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .cvjb |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .tlmkv |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .wucsxe |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .wnx |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .weqy |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .yby |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .ormx |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .dhclu |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .xmiul |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .tlwcxe |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .get |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .hzrd |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .gulz |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .ybavfq |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .hzccq |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .kmnqh |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .sqadf |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .uans |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .gelkgq |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .jbviw |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .ypg |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .qqs |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .dsy |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .fgy |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .onfp |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .clcj |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .fhc |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .ghxb |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .icyh |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .wguyua |
Source: dwmapi.dll0.4.dr | Static PE information: section name: .scnrap |
Source: TAPI32.dll.4.dr | Static PE information: section name: .qkm |
Source: TAPI32.dll.4.dr | Static PE information: section name: .cvjb |
Source: TAPI32.dll.4.dr | Static PE information: section name: .tlmkv |
Source: TAPI32.dll.4.dr | Static PE information: section name: .wucsxe |
Source: TAPI32.dll.4.dr | Static PE information: section name: .wnx |
Source: TAPI32.dll.4.dr | Static PE information: section name: .weqy |
Source: TAPI32.dll.4.dr | Static PE information: section name: .yby |
Source: TAPI32.dll.4.dr | Static PE information: section name: .ormx |
Source: TAPI32.dll.4.dr | Static PE information: section name: .dhclu |
Source: TAPI32.dll.4.dr | Static PE information: section name: .xmiul |
Source: TAPI32.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: TAPI32.dll.4.dr | Static PE information: section name: .get |
Source: TAPI32.dll.4.dr | Static PE information: section name: .hzrd |
Source: TAPI32.dll.4.dr | Static PE information: section name: .gulz |
Source: TAPI32.dll.4.dr | Static PE information: section name: .ybavfq |
Source: TAPI32.dll.4.dr | Static PE information: section name: .hzccq |
Source: TAPI32.dll.4.dr | Static PE information: section name: .kmnqh |
Source: TAPI32.dll.4.dr | Static PE information: section name: .sqadf |
Source: TAPI32.dll.4.dr | Static PE information: section name: .uans |
Source: TAPI32.dll.4.dr | Static PE information: section name: .gelkgq |
Source: TAPI32.dll.4.dr | Static PE information: section name: .jbviw |
Source: TAPI32.dll.4.dr | Static PE information: section name: .ypg |
Source: TAPI32.dll.4.dr | Static PE information: section name: .qqs |
Source: TAPI32.dll.4.dr | Static PE information: section name: .dsy |
Source: TAPI32.dll.4.dr | Static PE information: section name: .fgy |
Source: TAPI32.dll.4.dr | Static PE information: section name: .onfp |
Source: TAPI32.dll.4.dr | Static PE information: section name: .clcj |
Source: TAPI32.dll.4.dr | Static PE information: section name: .fhc |
Source: TAPI32.dll.4.dr | Static PE information: section name: .ghxb |
Source: TAPI32.dll.4.dr | Static PE information: section name: .icyh |
Source: TAPI32.dll.4.dr | Static PE information: section name: .wguyua |
Source: TAPI32.dll.4.dr | Static PE information: section name: .lisssh |
Source: VERSION.dll.4.dr | Static PE information: section name: .qkm |
Source: VERSION.dll.4.dr | Static PE information: section name: .cvjb |
Source: VERSION.dll.4.dr | Static PE information: section name: .tlmkv |
Source: VERSION.dll.4.dr | Static PE information: section name: .wucsxe |
Source: VERSION.dll.4.dr | Static PE information: section name: .wnx |
Source: VERSION.dll.4.dr | Static PE information: section name: .weqy |
Source: VERSION.dll.4.dr | Static PE information: section name: .yby |
Source: VERSION.dll.4.dr | Static PE information: section name: .ormx |
Source: VERSION.dll.4.dr | Static PE information: section name: .dhclu |
Source: VERSION.dll.4.dr | Static PE information: section name: .xmiul |
Source: VERSION.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: VERSION.dll.4.dr | Static PE information: section name: .get |
Source: VERSION.dll.4.dr | Static PE information: section name: .hzrd |
Source: VERSION.dll.4.dr | Static PE information: section name: .gulz |
Source: VERSION.dll.4.dr | Static PE information: section name: .ybavfq |
Source: VERSION.dll.4.dr | Static PE information: section name: .hzccq |
Source: VERSION.dll.4.dr | Static PE information: section name: .kmnqh |
Source: VERSION.dll.4.dr | Static PE information: section name: .sqadf |
Source: VERSION.dll.4.dr | Static PE information: section name: .uans |
Source: VERSION.dll.4.dr | Static PE information: section name: .gelkgq |
Source: VERSION.dll.4.dr | Static PE information: section name: .jbviw |
Source: VERSION.dll.4.dr | Static PE information: section name: .ypg |
Source: VERSION.dll.4.dr | Static PE information: section name: .qqs |
Source: VERSION.dll.4.dr | Static PE information: section name: .dsy |
Source: VERSION.dll.4.dr | Static PE information: section name: .fgy |
Source: VERSION.dll.4.dr | Static PE information: section name: .onfp |
Source: VERSION.dll.4.dr | Static PE information: section name: .clcj |
Source: VERSION.dll.4.dr | Static PE information: section name: .fhc |
Source: VERSION.dll.4.dr | Static PE information: section name: .ghxb |
Source: VERSION.dll.4.dr | Static PE information: section name: .icyh |
Source: VERSION.dll.4.dr | Static PE information: section name: .wguyua |
Source: VERSION.dll.4.dr | Static PE information: section name: .pkopjx |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .qkm |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .cvjb |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .tlmkv |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .wucsxe |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .wnx |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .weqy |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .yby |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .ormx |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .dhclu |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .xmiul |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .get |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .hzrd |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .gulz |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .ybavfq |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .hzccq |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .kmnqh |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .sqadf |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .uans |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .gelkgq |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .jbviw |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .ypg |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .qqs |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .dsy |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .fgy |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .onfp |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .clcj |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .fhc |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .ghxb |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .icyh |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .wguyua |
Source: FVEWIZ.dll.4.dr | Static PE information: section name: .yza |
Source: XmlLite.dll.4.dr | Static PE information: section name: .qkm |
Source: XmlLite.dll.4.dr | Static PE information: section name: .cvjb |
Source: XmlLite.dll.4.dr | Static PE information: section name: .tlmkv |
Source: XmlLite.dll.4.dr | Static PE information: section name: .wucsxe |
Source: XmlLite.dll.4.dr | Static PE information: section name: .wnx |
Source: XmlLite.dll.4.dr | Static PE information: section name: .weqy |
Source: XmlLite.dll.4.dr | Static PE information: section name: .yby |
Source: XmlLite.dll.4.dr | Static PE information: section name: .ormx |
Source: XmlLite.dll.4.dr | Static PE information: section name: .dhclu |
Source: XmlLite.dll.4.dr | Static PE information: section name: .xmiul |
Source: XmlLite.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: XmlLite.dll.4.dr | Static PE information: section name: .get |
Source: XmlLite.dll.4.dr | Static PE information: section name: .hzrd |
Source: XmlLite.dll.4.dr | Static PE information: section name: .gulz |
Source: XmlLite.dll.4.dr | Static PE information: section name: .ybavfq |
Source: XmlLite.dll.4.dr | Static PE information: section name: .hzccq |
Source: XmlLite.dll.4.dr | Static PE information: section name: .kmnqh |
Source: XmlLite.dll.4.dr | Static PE information: section name: .sqadf |
Source: XmlLite.dll.4.dr | Static PE information: section name: .uans |
Source: XmlLite.dll.4.dr | Static PE information: section name: .gelkgq |
Source: XmlLite.dll.4.dr | Static PE information: section name: .jbviw |
Source: XmlLite.dll.4.dr | Static PE information: section name: .ypg |
Source: XmlLite.dll.4.dr | Static PE information: section name: .qqs |
Source: XmlLite.dll.4.dr | Static PE information: section name: .dsy |
Source: XmlLite.dll.4.dr | Static PE information: section name: .fgy |
Source: XmlLite.dll.4.dr | Static PE information: section name: .onfp |
Source: XmlLite.dll.4.dr | Static PE information: section name: .clcj |
Source: XmlLite.dll.4.dr | Static PE information: section name: .fhc |
Source: XmlLite.dll.4.dr | Static PE information: section name: .ghxb |
Source: XmlLite.dll.4.dr | Static PE information: section name: .icyh |
Source: XmlLite.dll.4.dr | Static PE information: section name: .wguyua |
Source: XmlLite.dll.4.dr | Static PE information: section name: .oxh |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .qkm |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .cvjb |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .tlmkv |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .wucsxe |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .wnx |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .weqy |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .yby |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .ormx |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .dhclu |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .xmiul |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .tlwcxe |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .get |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .hzrd |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .gulz |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .ybavfq |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .hzccq |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .kmnqh |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .sqadf |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .uans |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .gelkgq |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .jbviw |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .ypg |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .qqs |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .dsy |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .fgy |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .onfp |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .clcj |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .fhc |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .ghxb |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .icyh |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .wguyua |
Source: SYSDM.CPL0.4.dr | Static PE information: section name: .dcq |
Source: VERSION.dll0.4.dr | Static PE information: section name: .qkm |
Source: VERSION.dll0.4.dr | Static PE information: section name: .cvjb |
Source: VERSION.dll0.4.dr | Static PE information: section name: .tlmkv |
Source: VERSION.dll0.4.dr | Static PE information: section name: .wucsxe |
Source: VERSION.dll0.4.dr | Static PE information: section name: .wnx |
Source: VERSION.dll0.4.dr | Static PE information: section name: .weqy |
Source: VERSION.dll0.4.dr | Static PE information: section name: .yby |
Source: VERSION.dll0.4.dr | Static PE information: section name: .ormx |
Source: VERSION.dll0.4.dr | Static PE information: section name: .dhclu |
Source: VERSION.dll0.4.dr | Static PE information: section name: .xmiul |
Source: VERSION.dll0.4.dr | Static PE information: section name: .tlwcxe |
Source: VERSION.dll0.4.dr | Static PE information: section name: .get |
Source: VERSION.dll0.4.dr | Static PE information: section name: .hzrd |
Source: VERSION.dll0.4.dr | Static PE information: section name: .gulz |
Source: VERSION.dll0.4.dr | Static PE information: section name: .ybavfq |
Source: VERSION.dll0.4.dr | Static PE information: section name: .hzccq |
Source: VERSION.dll0.4.dr | Static PE information: section name: .kmnqh |
Source: VERSION.dll0.4.dr | Static PE information: section name: .sqadf |
Source: VERSION.dll0.4.dr | Static PE information: section name: .uans |
Source: VERSION.dll0.4.dr | Static PE information: section name: .gelkgq |
Source: VERSION.dll0.4.dr | Static PE information: section name: .jbviw |
Source: VERSION.dll0.4.dr | Static PE information: section name: .ypg |
Source: VERSION.dll0.4.dr | Static PE information: section name: .qqs |
Source: VERSION.dll0.4.dr | Static PE information: section name: .dsy |
Source: VERSION.dll0.4.dr | Static PE information: section name: .fgy |
Source: VERSION.dll0.4.dr | Static PE information: section name: .onfp |
Source: VERSION.dll0.4.dr | Static PE information: section name: .clcj |
Source: VERSION.dll0.4.dr | Static PE information: section name: .fhc |
Source: VERSION.dll0.4.dr | Static PE information: section name: .ghxb |
Source: VERSION.dll0.4.dr | Static PE information: section name: .icyh |
Source: VERSION.dll0.4.dr | Static PE information: section name: .wguyua |
Source: VERSION.dll0.4.dr | Static PE information: section name: .sgswxz |
Source: UxTheme.dll.4.dr | Static PE information: section name: .qkm |
Source: UxTheme.dll.4.dr | Static PE information: section name: .cvjb |
Source: UxTheme.dll.4.dr | Static PE information: section name: .tlmkv |
Source: UxTheme.dll.4.dr | Static PE information: section name: .wucsxe |
Source: UxTheme.dll.4.dr | Static PE information: section name: .wnx |
Source: UxTheme.dll.4.dr | Static PE information: section name: .weqy |
Source: UxTheme.dll.4.dr | Static PE information: section name: .yby |
Source: UxTheme.dll.4.dr | Static PE information: section name: .ormx |
Source: UxTheme.dll.4.dr | Static PE information: section name: .dhclu |
Source: UxTheme.dll.4.dr | Static PE information: section name: .xmiul |
Source: UxTheme.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: UxTheme.dll.4.dr | Static PE information: section name: .get |
Source: UxTheme.dll.4.dr | Static PE information: section name: .hzrd |
Source: UxTheme.dll.4.dr | Static PE information: section name: .gulz |
Source: UxTheme.dll.4.dr | Static PE information: section name: .ybavfq |
Source: UxTheme.dll.4.dr | Static PE information: section name: .hzccq |
Source: UxTheme.dll.4.dr | Static PE information: section name: .kmnqh |
Source: UxTheme.dll.4.dr | Static PE information: section name: .sqadf |
Source: UxTheme.dll.4.dr | Static PE information: section name: .uans |
Source: UxTheme.dll.4.dr | Static PE information: section name: .gelkgq |
Source: UxTheme.dll.4.dr | Static PE information: section name: .jbviw |
Source: UxTheme.dll.4.dr | Static PE information: section name: .ypg |
Source: UxTheme.dll.4.dr | Static PE information: section name: .qqs |
Source: UxTheme.dll.4.dr | Static PE information: section name: .dsy |
Source: UxTheme.dll.4.dr | Static PE information: section name: .fgy |
Source: UxTheme.dll.4.dr | Static PE information: section name: .onfp |
Source: UxTheme.dll.4.dr | Static PE information: section name: .clcj |
Source: UxTheme.dll.4.dr | Static PE information: section name: .fhc |
Source: UxTheme.dll.4.dr | Static PE information: section name: .ghxb |
Source: UxTheme.dll.4.dr | Static PE information: section name: .icyh |
Source: UxTheme.dll.4.dr | Static PE information: section name: .wguyua |
Source: UxTheme.dll.4.dr | Static PE information: section name: .fygqp |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .qkm |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .cvjb |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .tlmkv |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .wucsxe |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .wnx |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .weqy |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .yby |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .ormx |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .dhclu |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .xmiul |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .tlwcxe |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .get |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .hzrd |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .gulz |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .ybavfq |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .hzccq |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .kmnqh |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .sqadf |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .uans |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .gelkgq |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .jbviw |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .ypg |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .qqs |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .dsy |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .fgy |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .onfp |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .clcj |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .fhc |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .ghxb |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .icyh |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .wguyua |
Source: WTSAPI32.dll.4.dr | Static PE information: section name: .nouixc |
Source: C:\Users\user\AppData\Local\mlAKVTuFf\bdeunlock.exe | Code function: 20_2_00007FF68D872EF4 GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,memset,GetModuleHandleExW,GetProcAddress,GetProcessHeap,HeapFree,FreeLibrary,memset,memcpy,GetLastError,GetLastError,GetProcessHeap,HeapAlloc,GetCurrentThreadId,GetLastError,GetProcessHeap,HeapAlloc,wcscmp,wcscmp,GetCurrentProcess,GetProcessMitigationPolicy,LocalAlloc,~SyncLockT,FreeLibrary,memset,memcpy,~SyncLockT,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,memcpy,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetModuleFileNameW,GetLastError,GetLastError,GetProcessHeap,HeapAlloc,memcpy,memcpy,memcpy,GetProcessHeap,HeapAlloc,memcpy,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,memcpy,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,memcpy,memcpy,memcpy,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,GetModuleHandleExW,GetLastError,GetProcAddress,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,memcpy,memset,memset,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,memset,GetModuleHandleExW,GetProcAddress,GetProcessHeap,HeapFree,FreeLibrary,memset,memcpy,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,memset,GetModuleHandleExW,GetProcAddress,GetProcessHeap,HeapFree,FreeLibrary,memset,memcpy,memset,GetLastError,GetLastError,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapFree,GetProcessHeap,HeapAlloc,GetProcessHeap,HeapAlloc,GetLastError,GetProcessHeap,HeapFree,GetLastError,memset,memset,GetLastError,GetLastError,memset,GetLastError,memset,GetLastError,memset,memset,FreeLibrary,memset,memcpy,memset,memset,memset,memset,GetLastError,memset,GetLastError,memset,memset,memset,memset,GetLastError,GetLastError,memset,GetLastError,memset,memset,memset,GetLastError,memset,GetLastError,memset,memset,memset,memse |