Source: |
Binary string: TqSDHvsKpt.PDB source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: zc.pdbis3B~ source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: iLC:\Windows\Microsoft.VisualBasic.pdb source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: mscoreei.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: iVisualBasic.pdb source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: .pdb) source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: C:\Users\user\Desktop\TqSDHvsKpt.PDB source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdbk source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: mscoree.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: TqSDHvsKpt.exe, 00000001.00000002.519878184.0000000002D71000.00000004.00000001.sdmp |
String found in binary or memory: http://127.0.0.1:HTTP/1.1 |
Source: TqSDHvsKpt.exe, 00000001.00000002.519878184.0000000002D71000.00000004.00000001.sdmp |
String found in binary or memory: http://DynDns.comDynDNS |
Source: TqSDHvsKpt.exe, 00000001.00000002.519878184.0000000002D71000.00000004.00000001.sdmp |
String found in binary or memory: http://PPyygN.com |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: TqSDHvsKpt.exe, 00000001.00000002.518078908.0000000001026000.00000004.00000020.sdmp |
String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.comodoca.com/cPanelIncCertificationAuthority.crl0 |
Source: WerFault.exe, 00000004.00000002.281024250.0000000005230000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://dpobumber.com |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://mail.dpobumber.com |
Source: TqSDHvsKpt.exe, 00000001.00000002.518078908.0000000001026000.00000004.00000020.sdmp |
String found in binary or memory: http://ocsp.comodoca |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: http://ocsp.comodoca.com0 |
Source: TqSDHvsKpt.exe, 00000000.00000002.249252982.0000000003111000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: Amcache.hve.4.dr |
String found in binary or memory: http://upx.sf.net |
Source: TqSDHvsKpt.exe, 00000001.00000002.519878184.0000000002D71000.00000004.00000001.sdmp, TqSDHvsKpt.exe, 00000001.00000002.521490422.00000000030C6000.00000004.00000001.sdmp, TqSDHvsKpt.exe, 00000001.00000002.521658876.00000000030FB000.00000004.00000001.sdmp |
String found in binary or memory: https://YdNYyLP8dl3DqFR.org |
Source: TqSDHvsKpt.exe, 00000000.00000002.249252982.0000000003111000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com |
Source: TqSDHvsKpt.exe, 00000000.00000002.249252982.0000000003111000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/893177342426509335/897762616452214784/6F7A5FA1.jpg |
Source: TqSDHvsKpt.exe, 00000001.00000002.521543421.00000000030D0000.00000004.00000001.sdmp |
String found in binary or memory: https://sectigo.com/CPS0 |
Source: TqSDHvsKpt.exe, 00000000.00000002.253482513.0000000004D24000.00000004.00000001.sdmp, TqSDHvsKpt.exe, 00000001.00000002.512013569.0000000000402000.00000040.00000001.sdmp |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip |
Source: TqSDHvsKpt.exe, 00000001.00000002.519878184.0000000002D71000.00000004.00000001.sdmp |
String found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha |
Source: |
Binary string: TqSDHvsKpt.PDB source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: zc.pdbis3B~ source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: iLC:\Windows\Microsoft.VisualBasic.pdb source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: mscoreei.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: iVisualBasic.pdb source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: .pdb) source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: C:\Users\user\Desktop\TqSDHvsKpt.PDB source: TqSDHvsKpt.exe, 00000000.00000002.248524110.00000000010F9000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdbk source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: |
Binary string: mscoree.pdb source: WerFault.exe, 00000004.00000003.258315000.00000000056C1000.00000004.00000001.sdmp |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware |
Source: Amcache.hve.4.dr |
Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000 |
Source: Amcache.hve.4.dr |
Binary or memory string: @scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000 |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware Virtual USB Mouse |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware, Inc. |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware Virtual disk SCSI Disk Devicehbin |
Source: Amcache.hve.4.dr |
Binary or memory string: Microsoft Hyper-V Generation Counter |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware7,1 |
Source: Amcache.hve.4.dr |
Binary or memory string: NECVMWar VMware SATA CD00 |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware Virtual disk SCSI Disk Device |
Source: Amcache.hve.4.dr |
Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW71.00V.13989454.B64.1906190538,BiosReleaseDate:06/19/2019,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware7,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1 |
Source: WerFault.exe, 00000004.00000002.280814469.00000000035FC000.00000004.00000001.sdmp |
Binary or memory string: Hyper-V RAW |
Source: WerFault.exe, 00000004.00000002.280814469.00000000035FC000.00000004.00000001.sdmp |
Binary or memory string: Hyper-V RAWing Pseudo-Interface7 |
Source: Amcache.hve.4.dr |
Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom |
Source: Amcache.hve.4.dr |
Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware, Inc.me |
Source: Amcache.hve.4.dr |
Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000 |
Source: Amcache.hve.4.dr |
Binary or memory string: VMware-42 35 44 6e 75 85 11 47-bd a2 bb ed 21 43 9f 89 |
Source: TqSDHvsKpt.exe, 00000001.00000002.518078908.0000000001026000.00000004.00000020.sdmp |
Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll |
Source: Amcache.hve.4.dr |
Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000 |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Users\user\Desktop\TqSDHvsKpt.exe VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Users\user\Desktop\TqSDHvsKpt.exe VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation |
Jump to behavior |
Source: C:\Users\user\Desktop\TqSDHvsKpt.exe |
Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation |
Jump to behavior |