Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\icuio58.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\libeay32.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: bcrypt.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: GLU32.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: Secur32.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\AWSSDK.SimpleDB.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Microsoft.Azure.KeyVault.Core.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\libeay32.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\AWSSDK.SimpleDB.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ssleay32.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\icuio58.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\SslCertBinding.Net.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\lcms-5.0.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: WININET.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ssleay32.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\System.Threading.Tasks.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: OPENGL32.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\decoder.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\SslCertBinding.Net.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\System.Threading.Tasks.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ICSharpCode.SharpZipLib.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: iertutil.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ICSharpCode.SharpZipLib.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Delimon.Win32.IO.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: urlmon.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Microsoft.Azure.KeyVault.Core.dll | |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | DLL: libftl2.dll | |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Delimon.Win32.IO.dll | |
Source: C:\Windows\System32\msiexec.exe | DLL: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\lcms-5.0.dll | |
Source: | Binary string: wininet.pdb source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp |
Source: | Binary string: c:\Data\SkyDrive\Programming\Projects\Delimon\Delimon.Win32.IO 2013\Win32FileLibrary\obj\Release\Delimon.Win32.IO.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, Delimon.Win32.IO.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\Decoder.pdb source: o4c8AUtX1g.exe |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\ssleay32.pdb @ source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\Decoder.pdb2 source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr |
Source: | Binary string: E:\JenkinsWorkspaces\v3-trebuchet-release\AWSDotNetPublic\sdk\src\Services\SimpleDB\obj\net35\Release\net35\AWSSDK.SimpleDB.pdbp source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb] source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdbk source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: D:\a\1\s\artifacts\obj\Microsoft.Azure.KeyVault.Core\Release\net452\Microsoft.Azure.KeyVault.Core.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdb source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: C:\Users\User\AppData\Local\Temp\icu_32\lib\icuio.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdbi source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: E:\JenkinsWorkspaces\v3-trebuchet-release\AWSDotNetPublic\sdk\src\Services\SimpleDB\obj\net35\Release\net35\AWSSDK.SimpleDB.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr |
Source: | Binary string: C:\Users\User\AppData\Local\Temp\icu_32\lib\icuio.pdb"" source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\libeay32.pdb0k source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\ssleay32.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\libeay32.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp |
Source: | Binary string: c:\b\4741\2125\src\intermediate\System.Threading.Tasks.v2.5.csproj_75e1c727\Release\System.Threading.Tasks.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, System.Threading.Tasks.dll.1.dr |
Source: | Binary string: D:\a\1\s\artifacts\obj\Microsoft.Azure.KeyVault.Core\Release\net452\Microsoft.Azure.KeyVault.Core.pdbSHA256 source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbj source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: wininet.pdbUGP source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp |
Source: | Binary string: d:\projects\SslCertBinding.Net\src\SslCertBinding.Net\obj\Release\SslCertBinding.Net.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, SslCertBinding.Net.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\lzmaextractor.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: z: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: x: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: v: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: t: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: r: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: p: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: n: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: l: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: j: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: h: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: f: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: b: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: y: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: w: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: u: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: s: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: q: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: o: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: m: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: k: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: i: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: g: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: e: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: c: |
Source: C:\Windows\SysWOW64\msiexec.exe | File opened: a: |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01342910 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01345B80 FindFirstFileW,FindClose,CloseHandle,CloseHandle,CloseHandle,CreateEventW,CreateThread,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01346A30 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013294D0 FindFirstFileW,GetLastError,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A8740 FindClose,PathIsUNCW,FindFirstFileW,GetFullPathNameW,GetFullPathNameW,FindClose,SetLastError,PathIsUNCW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013529C0 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013640F0 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,FindNextFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01328B70 FindFirstFileW,FindFirstFileW,FindFirstFileW,FindClose,FindClose, |
Source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp | String found in binary or memory: http://.css |
Source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp | String found in binary or memory: http://.jpg |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://aia.startssl.com/certs/ca.crt02 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://aia.startssl.com/certs/sub.class2.code.ca.crt0# |
Source: o4c8AUtX1g.exe, 00000001.00000003.706016324.0000000005969000.00000004.00000001.sdmp, plcd-player.exe, 00000009.00000002.934202867.0000000000CDA000.00000002.00020000.sdmp, plcd-player.exe.3.dr | String found in binary or memory: http://apache.org/xml/UnknownNSUCS4UCS-4UCS_4UTF-32ISO-10646-UCS-4UCS-4 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706016324.0000000005969000.00000004.00000001.sdmp, plcd-player.exe, 00000009.00000002.934202867.0000000000CDA000.00000002.00020000.sdmp, plcd-player.exe.3.dr | String found in binary or memory: http://apache.org/xml/messages/XML4CErrors#FIXEDEBCDIC-CP-USIBM037IBM1047IBM-1047IBM1140IBM01140CCSI |
Source: o4c8AUtX1g.exe, 00000001.00000003.706016324.0000000005969000.00000004.00000001.sdmp, plcd-player.exe, 00000009.00000002.934202867.0000000000CDA000.00000002.00020000.sdmp, plcd-player.exe.3.dr | String found in binary or memory: http://apache.org/xml/messages/XMLValidityWINDOWS-1252XERCES-XMLCHhttp://apache.org/xml/messages/XML |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr | String found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr | String found in binary or memory: http://crl.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://crl.globalsign.com/gs/gstimestampingg2.crl0T |
Source: o4c8AUtX1g.exe, 00000001.00000003.707309857.0000000003B11000.00000004.00000001.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://crl.globalsign.net/root.crl0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr | String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://crl.startssl.com/crtc2-crl.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://crl.startssl.com/sfsca.crl0C |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0# |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0# |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr | String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0# |
Source: o4c8AUtX1g.exe, 00000001.00000003.707309857.0000000003B11000.00000004.00000001.sdmp | String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en |
Source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp | String found in binary or memory: http://html4/loose.dtd |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr | String found in binary or memory: http://icu-project.org |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://mybusinesscatalog.com0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://ocsp.comodoca.com0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr | String found in binary or memory: http://ocsp.comodoca.com0B |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://ocsp.digicert.com0C |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://ocsp.digicert.com0O |
Source: o4c8AUtX1g.exe, icuio58.dll.3.dr | String found in binary or memory: http://ocsp.sectigo.com0 |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://ocsp.sectigo.com0) |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://ocsp.startssl.com/ca00 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://ocsp.startssl.com/sub/class2/code/ca0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://secure.globalsign.com/cacert/gstimestampingg2.crt0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: http://t2.symcb.com0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: http://tl.symcb.com/tl.crl0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: http://tl.symcb.com/tl.crt0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: http://tl.symcd.com0& |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, License.txt.1.dr | String found in binary or memory: http://www.MyBusinessCatalog.com |
Source: o4c8AUtX1g.exe | String found in binary or memory: http://www.digicert.com/CPS0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, ecb-eurofxref-daily.xml.3.dr | String found in binary or memory: http://www.ecb.int/vocabulary/2002-08-01/eurofxref |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, ecb-eurofxref-daily.xml.3.dr | String found in binary or memory: http://www.gesmes.org/xml/2002-08-01 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://www.openssl.org/V |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | String found in binary or memory: http://www.openssl.org/support/faq.html |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | String found in binary or memory: http://www.openssl.org/support/faq.html....................rbwb.rndC:HOMERANDFILEPRNG |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://www.startssl.com/0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: http://www.startssl.com/policy.pdf0 |
Source: icuio58.dll.3.dr | String found in binary or memory: http://www.unicode.org/copyright.html |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr | String found in binary or memory: https://aka.ms/azsdkvalueprop. |
Source: currencysystem5.json.3.dr | String found in binary or memory: https://currencysystem.com |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, currencysystem4.js.3.dr | String found in binary or memory: https://currencysystem.com/gfx/pub/script-button-88x31.gif |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, currencysystem5.js.3.dr, currencysystem5.json.3.dr | String found in binary or memory: https://currencysystem.com/gfx/pub/script-button-88x31.png |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, currencysystem4.js.3.dr | String found in binary or memory: https://currencysystem.com/gfx/pub/script-icon-16x16.gif |
Source: o4c8AUtX1g.exe, 00000001.00000003.703979629.0000000005640000.00000004.00000001.sdmp, currencysystem5.js.3.dr, currencysystem5.json.3.dr | String found in binary or memory: https://currencysystem.com/gfx/pub/script-icon-16x16.png |
Source: o4c8AUtX1g.exe | String found in binary or memory: https://sectigo.com/CPS0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr | String found in binary or memory: https://sectigo.com/CPS0D |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr | String found in binary or memory: https://secure.comodo.com/CPS0L |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: https://www.advancedinstaller.com |
Source: o4c8AUtX1g.exe | String found in binary or memory: https://www.digicert.com/CPS0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr | String found in binary or memory: https://www.globalsign.com/repository/03 |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr | String found in binary or memory: https://www.nuget.org/packages/Azure.Security.KeyVault.Certificates |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr | String found in binary or memory: https://www.nuget.org/packages/Azure.Security.KeyVault.Keys |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr | String found in binary or memory: https://www.nuget.org/packages/Azure.Security.KeyVault.Secrets |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: https://www.thawte.com/cps0/ |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr | String found in binary or memory: https://www.thawte.com/repository0W |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01342910 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A8740 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013446B0 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01292080 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012AC080 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013038F0 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013D7354 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013C2241 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A6AC0 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012BF560 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013D8F4E |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013D8E2E |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00AB0130 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00ACB960 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00AA6AF0 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C43483 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C344AF |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C274B9 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C3FC19 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C435A3 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00AA75D0 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00AD5D70 |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00AAAF30 |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_0129D890 NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A0320 NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_0129D260 SysFreeString,SysAllocString,NtdllDefWindowProc_W,GlobalAlloc,GlobalLock,GlobalUnlock,SysFreeString,NtdllDefWindowProc_W,SysFreeString, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012AA2E0 NtdllDefWindowProc_W,DeleteCriticalSection, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_0129FD60 NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_0129CCB0 NtdllDefWindowProc_W,GlobalAlloc,GlobalLock,GlobalUnlock,NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012C7CF0 NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A6760 NtdllDefWindowProc_W, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_0129F740 NtdllDefWindowProc_W, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00A719A0 NtQuerySystemInformation,Sleep,GetLongPathNameW,GetLongPathNameW,GetLongPathNameW,CreateThread,GetLastError,QueueUserAPC,CloseHandle,GetLastError,TerminateThread,CloseHandle,SetLastError,WaitForSingleObject,GetExitCodeThread,CloseHandle,GetLastError,GetLastError, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00A71703 NtMapViewOfSection, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00A71C90 GetProcAddress,NtCreateSection,memset, |
Source: o4c8AUtX1g.exe, 00000001.00000002.723507064.000000000147D000.00000002.00020000.sdmp | Binary or memory string: OriginalFileNameplcd-player.exe> vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenamewininet.dllD vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenamelzmaextractor.dllF vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameAICustAct.dllF vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameJDesktop.tools vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameAWSSDK.SimpleDB.dllb! vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameDelimon.Win32.IO.dllD vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameICSharpCode.SharpZipLib.dll8 vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameSoftwareDetector.dllF vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenamePrereq.dllF vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameicuio58.dll vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameUtilities_HelperlL vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenamelibeay32.dllH vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameMicrosoft.Azure.KeyVault.Core.dll> vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameSslCertBinding.Net.dllH vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenamessleay32.dllH vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp | Binary or memory string: OriginalFilenameSystem.Threading.Tasks.dllP vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe | Binary or memory string: OriginalFileNameplcd-player.exe> vs o4c8AUtX1g.exe |
Source: o4c8AUtX1g.exe | Binary or memory string: OriginalFilenameDecoder.dllF vs o4c8AUtX1g.exe |
Source: unknown | Process created: C:\Users\user\Desktop\o4c8AUtX1g.exe 'C:\Users\user\Desktop\o4c8AUtX1g.exe' |
Source: unknown | Process created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V |
Source: C:\Windows\System32\msiexec.exe | Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding D90C408BAA115D1625882500CC5A128E C |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Process created: C:\Windows\SysWOW64\msiexec.exe 'C:\Windows\system32\msiexec.exe' /i 'C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\adv.msi' AI_SETUPEXEPATH=C:\Users\user\Desktop\o4c8AUtX1g.exe SETUPEXEDIR=C:\Users\user\Desktop\ EXE_CMD_LINE='/exenoupdates /forcecleanup /wintime 1635154532 ' AI_EUIMSI='' |
Source: C:\Windows\System32\msiexec.exe | Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 97E0B76AE09D0E82CE071E7BABCE98E1 |
Source: C:\Windows\System32\msiexec.exe | Process created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe |
Source: | Binary string: wininet.pdb source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp |
Source: | Binary string: c:\Data\SkyDrive\Programming\Projects\Delimon\Delimon.Win32.IO 2013\Win32FileLibrary\obj\Release\Delimon.Win32.IO.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, Delimon.Win32.IO.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\Decoder.pdb source: o4c8AUtX1g.exe |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\ssleay32.pdb @ source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\Decoder.pdb2 source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr |
Source: | Binary string: E:\JenkinsWorkspaces\v3-trebuchet-release\AWSDotNetPublic\sdk\src\Services\SimpleDB\obj\net35\Release\net35\AWSSDK.SimpleDB.pdbp source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\SoftwareDetector.pdb] source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, MSI79F9.tmp.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdbk source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: D:\a\1\s\artifacts\obj\Microsoft.Azure.KeyVault.Core\Release\net452\Microsoft.Azure.KeyVault.Core.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\stubs\x86\ExternalUi.pdb source: o4c8AUtX1g.exe |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: C:\Users\User\AppData\Local\Temp\icu_32\lib\icuio.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\Prereq.pdbi source: o4c8AUtX1g.exe, 00000001.00000003.666756331.0000000003D73000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: E:\JenkinsWorkspaces\v3-trebuchet-release\AWSDotNetPublic\sdk\src\Services\SimpleDB\obj\net35\Release\net35\AWSSDK.SimpleDB.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706113597.0000000005A36000.00000004.00000001.sdmp, AWSSDK.SimpleDB.dll.1.dr |
Source: | Binary string: C:\Users\User\AppData\Local\Temp\icu_32\lib\icuio.pdb"" source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, icuio58.dll.3.dr |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\libeay32.pdb0k source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\ssleay32.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, ssleay32.dll.3.dr |
Source: | Binary string: C:\OpenSSL\Temp\openssl-1.0.2g-x32\out32dll\libeay32.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp |
Source: | Binary string: c:\b\4741\2125\src\intermediate\System.Threading.Tasks.v2.5.csproj_75e1c727\Release\System.Threading.Tasks.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, System.Threading.Tasks.dll.1.dr |
Source: | Binary string: D:\a\1\s\artifacts\obj\Microsoft.Azure.KeyVault.Core\Release\net452\Microsoft.Azure.KeyVault.Core.pdbSHA256 source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, Microsoft.Azure.KeyVault.Core.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbj source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: | Binary string: wininet.pdbUGP source: o4c8AUtX1g.exe, 00000001.00000003.673805273.0000000003E90000.00000004.00000001.sdmp |
Source: | Binary string: d:\projects\SslCertBinding.Net\src\SslCertBinding.Net\obj\Release\SslCertBinding.Net.pdb source: o4c8AUtX1g.exe, 00000001.00000003.706357287.0000000005BBE000.00000004.00000001.sdmp, SslCertBinding.Net.dll.1.dr |
Source: | Binary string: C:\JobRelease\win\Release\custact\x86\lzmaextractor.pdb source: o4c8AUtX1g.exe, 00000001.00000003.666504324.0000000003C10000.00000004.00000001.sdmp, 440bbd.msi.3.dr |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\icuio58.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\libeay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI11D7.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI193F.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\AWSSDK.SimpleDB.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Microsoft.Azure.KeyVault.Core.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI1488.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\libeay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\AWSSDK.SimpleDB.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ssleay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\icuio58.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\SslCertBinding.Net.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\lcms-5.0.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI1815.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Local\Temp\shi7515.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ssleay32.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\plcd-player.exe | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Local\Temp\MSI76CC.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\System.Threading.Tasks.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\decoder.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI16EB.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\SslCertBinding.Net.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Windows\Installer\MSI15F0.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ICSharpCode.SharpZipLib.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\System.Threading.Tasks.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ICSharpCode.SharpZipLib.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Delimon.Win32.IO.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Microsoft.Azure.KeyVault.Core.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Delimon.Win32.IO.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | File created: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\lcms-5.0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File created: C:\Users\user\AppData\Local\Temp\MSI79F9.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\System32\msiexec.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\System32\msiexec.exe | Process information set: NOGPFAULTERRORBOX |
Source: C:\Windows\SysWOW64\msiexec.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Process information set: NOGPFAULTERRORBOX |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\icuio58.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\libeay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Windows\Installer\MSI15F0.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\SslCertBinding.Net.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\System.Threading.Tasks.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ICSharpCode.SharpZipLib.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\AWSSDK.SimpleDB.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Microsoft.Azure.KeyVault.Core.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Windows\Installer\MSI1488.tmp | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\libeay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\AWSSDK.SimpleDB.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ssleay32.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\ICSharpCode.SharpZipLib.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\Delimon.Win32.IO.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\icuio58.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Microsoft.Azure.KeyVault.Core.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\SslCertBinding.Net.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Windows\Installer\MSI1815.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\ssleay32.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\shi7515.tmp | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4\Delimon.Win32.IO.dll | Jump to dropped file |
Source: C:\Windows\System32\msiexec.exe | Dropped PE file which has not been started: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\System.Threading.Tasks.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01342910 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01345B80 FindFirstFileW,FindClose,CloseHandle,CloseHandle,CloseHandle,CreateEventW,CreateThread,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle,CloseHandle, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01346A30 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013294D0 FindFirstFileW,GetLastError,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_012A8740 FindClose,PathIsUNCW,FindFirstFileW,GetFullPathNameW,GetFullPathNameW,FindClose,SetLastError,PathIsUNCW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013529C0 FindFirstFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013640F0 FindFirstFileW,FindNextFileW,FindFirstFileW,FindNextFileW,FindNextFileW,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_01328B70 FindFirstFileW,FindFirstFileW,FindFirstFileW,FindClose,FindClose, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File Volume queried: C:\Users\user\AppData\Roaming FullSizeInformation |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File Volume queried: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install FullSizeInformation |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File Volume queried: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools 3.4.0.2\install\0CE0CF4 FullSizeInformation |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | File Volume queried: C:\ FullSizeInformation |
Source: C:\Windows\System32\msiexec.exe | File Volume queried: C:\ FullSizeInformation |
Source: C:\Windows\SysWOW64\msiexec.exe | File Volume queried: C:\ FullSizeInformation |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013C03A3 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: 1_2_013BBE30 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_6D837D41 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_6D846FED IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C29C76 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: 9_2_00C17C2C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: GetLocaleInfoW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: GetACP,IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: EnumSystemLocalesW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW, |
Source: C:\Users\user\Desktop\o4c8AUtX1g.exe | Code function: GetLocaleInfoW,GetLocaleInfoW,RegCloseKey, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: GetACP,IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: GetLocaleInfoW, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW, |
Source: C:\Users\user\AppData\Roaming\JDesktop Integration Components (JDIC) Project\JDesktop Tools\plcd-player.exe | Code function: EnumSystemLocalesW, |