Source: C:\Users\user\Desktop\555.exe |
Code function: 1_2_00408B20 mmioSeek,mmioDescend,mmioDescend,mmioDescend,mmioSeek,mmioClose,CreateFileA,GetFileSize,SetFilePointer,SetFilePointer,ReadFile,CloseHandle,SetFilePointer,SetFilePointer,ReadFile,SetFilePointer,ClientToScreen,WindowFromPoint,GetActiveWindow,PlaySoundA,_TrackMouseEvent,GetDlgItem,lstrcpyW,GetCurrentDirectoryW,midiInGetNumDevs,midiInGetDevCapsA,midiInOpen,midiInStart,midiInClose,GetDlgItem,BeginPaint,GetClientRect,CreateFontA,SelectObject,DeleteObject,SetBkMode,DrawTextA,EndPaint,VirtualQuery,VirtualQuery,VirtualQuery,GetParent,SendDlgItemMessageA,SHAutoComplete,PostMessageA,_memset,InsertMenuItemA,lstrcpyW,NetUserEnum,lstrcpyA,lstrlenW,ImageList_DragMove,lstrcpyA,PathCompactPathA,lstrcpyA,lstrlenW,lstrcpyA,WideCharToMultiByte,NetApiBufferFree,MulDiv,CreateFontW,GetModuleHandleA,CreateWindowExA,SendMessageA,SendMessageA,GlobalAlloc,ExitProcess,LoadLibraryA,EnableWindow,GlobalAlloc,ExitProcess,DefDlgProcA,FindResourceA,SizeofResource,LoadResource,LockResource,CreateFileA,GetProcAddress,WriteFile,VirtualAlloc,CloseHandle,LoadBitmapA,lstrcatA,LoadLibraryA,GetProcAddress,WSACreateEvent,WSAWaitForMultipleEvents,ShowWindow,EnumChildWindows,ChooseFontA,CreateFontIndirectA,BeginPaint,SelectObject,TextOutA,EndPaint,DefWindowProcA,StartPage,GetTextMetricsW,PostQuitMessage,#17,CreateWindowExA,ImageList_LoadImageA,ImageList_LoadImageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,GetTextExtentExPointW,ExtTextOutW,_memmove,EndPage,GetLocalTime,GetTimeFormatW,SendMessageW,SendMessageW,SendMessageW,GetDateFormatW,SendMessageW,HideCaret, |
1_2_00408B20 |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence'; |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q); |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp, 555.exe, 00000001.00000002.280000448.00000000047CA000.00000004.00000800.00020000.00000000.sdmp, 555.exe, 00000001.00000002.280450164.00000000048D8000.00000004.00000800.00020000.00000000.sdmp, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q AND (type='table' OR type='index' OR type='trigger'); |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND rootpage>0 |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s; |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s; |
Source: 555.exe, 555.exe, 00000004.00000002.294243127.0000000000474000.00000002.00000001.01000000.00000003.sdmp, 555.exe, 00000004.00000000.271412453.0000000000400000.00000004.00000001.01000000.00000003.sdmp |
Binary or memory string: SELECT 'DELETE FROM vacuum_db.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence' |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA, |
1_2_0042F0DC |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,_memmove,_memmove,_memmove,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement, |
1_2_00425096 |
Source: C:\Users\user\Desktop\555.exe |
Code function: ____lc_handle_func,GetLocaleInfoW, |
1_2_0044C0A2 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA,_strlen,GetLocaleInfoA,_strlen,_TestDefaultLanguage, |
1_2_0042F1DE |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,_GetPrimaryLen,_strlen, |
1_2_0042F183 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage, |
1_2_0042F3AF |
Source: C:\Users\user\Desktop\555.exe |
Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA, |
1_2_0042F46F |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,GetLocaleInfoW,__alloca_probe_16,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea, |
1_2_0043540E |
Source: C:\Users\user\Desktop\555.exe |
Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA, |
1_2_0042F4D6 |
Source: C:\Users\user\Desktop\555.exe |
Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat, |
1_2_004354E8 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s, |
1_2_0042F512 |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoA, |
1_2_004276B6 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,InterlockedDecrement,InterlockedDecrement,InterlockedDecrement,_free,_free, |
1_2_0042E815 |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW, |
1_2_0042D8E3 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,InterlockedDecrement,InterlockedDecrement,_free,_free, |
1_2_0042EB03 |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo, |
1_2_0042DBB9 |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, |
1_2_0042EFE7 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,InterlockedDecrement,InterlockedDecrement,InterlockedDecrement,_free,_free, |
4_2_0046869A |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,_memmove,_memmove,_memmove,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement, |
4_2_0045C90A |
Source: C:\Users\user\Desktop\555.exe |
Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,InterlockedDecrement,InterlockedDecrement,_free,_free, |
4_2_00468988 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __EH_prolog3,GetKeyboardLayoutList,GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,_memset,LocalFree, |
4_2_00450D1B |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, |
4_2_00468E6C |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA, |
4_2_00468F61 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA,_strlen,GetLocaleInfoA,_strlen,_TestDefaultLanguage, |
4_2_00469063 |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,_GetPrimaryLen,_strlen, |
4_2_00469008 |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage, |
4_2_00469234 |
Source: C:\Users\user\Desktop\555.exe |
Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA, |
4_2_004692F4 |
Source: C:\Users\user\Desktop\555.exe |
Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA, |
4_2_0046935B |
Source: C:\Users\user\Desktop\555.exe |
Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s, |
4_2_00469397 |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW, |
4_2_00467793 |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea, |
4_2_0046DA57 |
Source: C:\Users\user\Desktop\555.exe |
Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo, |
4_2_00467A3E |
Source: C:\Users\user\Desktop\555.exe |
Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat, |
4_2_0046DB31 |
Source: C:\Users\user\Desktop\555.exe |
Code function: GetLocaleInfoA, |
4_2_00459E8F |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \Electrum-LTC\wallets\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \ElectronCash\wallets\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \Electrum\wallets\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \jaxx\Local Storage\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: window-state.json |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: exodus.conf.json |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: info.seco |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \Exodus\exodus.wallet\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: ElectrumLTC |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: passphrase.json |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \Ethereum\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: file__0.localstorage |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: default_wallet |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: \MultiDoge\ |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: seed.seco |
Source: 555.exe, 00000001.00000002.280513930.0000000004B63000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: keystore |