Source: Yara match |
File source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\side[1].htm, type: DROPPED |
Source: Yara match |
File source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\side[1].htm, type: DROPPED |
Source: Yara match |
File source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\47FC82E2.htm, type: DROPPED |
Source: Yara match |
File source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\34450540.htm, type: DROPPED |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 16 Jun 2022 11:30:45 GMTServer: Apache/2.4.29 (Ubuntu)Last-Modified: Mon, 30 May 2022 20:51:09 GMTETag: "1a76-5e040d0ca4940-gzip"Accept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 289Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed d9 4d 4b c3 30 18 07 f0 fb 60 df 21 16 61 db c1 06 f4 a6 ad e2 db 60 20 32 9c 30 0f 82 a4 c9 b3 36 98 36 25 89 d4 7e 7b 93 81 03 6f 9e c4 c3 3f 04 9e bc 3e bf e4 fc 14 47 ca ca 30 f6 c4 9a d0 9a cb e9 a4 48 91 19 d1 d5 65 46 5d 96 56 2a ab c6 14 bd 74 ba 0f 71 c4 f9 f5 1f 34 38 70 e0 c0 81 03 07 0e 1c 38 70 e0 c0 81 03 07 0e 1c 38 70 e0 c0 81 03 07 0e 9c ff eb b0 d8 06 dd 29 3b e4 c6 4a 11 b4 ed f2 c6 d1 8e 95 2c 6b fd 49 eb 55 38 e7 5a b1 f5 ed f6 4e 8b ba b3 3e 68 c9 b8 7f d7 3d db 59 27 89 f1 5e 38 d1 b2 d7 6c f5 fc f6 44 95 b3 83 a7 a5 75 4b 6d a8 94 c2 5c 49 16 37 36 64 48 86 b5 b3 75 3c 5b 3e da f0 a0 7d 20 95 b6 6e 7e dc 68 8e e7 ab fb 97 f9 2c de 94 39 7d d2 6c b1 d0 3c cf 7f db b7 fb af 78 be 19 63 fa f6 ec 94 b7 bd d7 b5 0f 1f 55 4a 16 1f 99 5d 4c 27 05 3f 94 8b d2 e4 bb 86 c4 f7 65 a6 2f c8 88 30 4c 76 1a 00 00 Data Ascii: MK0`!a` 2066%~{o?>G0HeF]V*tq48p8p8p);J,kIU8ZN>h=Y'^8lDuKm\I76dHu<[>} n~h,9}l<xcUJ]L'?e/0Lv |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 16 Jun 2022 11:30:49 GMTServer: Apache/2.4.29 (Ubuntu)Last-Modified: Mon, 30 May 2022 20:51:09 GMTETag: "1a76-5e040d0ca4940-gzip"Accept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 289Keep-Alive: timeout=5, max=97Connection: Keep-AliveContent-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed d9 4d 4b c3 30 18 07 f0 fb 60 df 21 16 61 db c1 06 f4 a6 ad e2 db 60 20 32 9c 30 0f 82 a4 c9 b3 36 98 36 25 89 d4 7e 7b 93 81 03 6f 9e c4 c3 3f 04 9e bc 3e bf e4 fc 14 47 ca ca 30 f6 c4 9a d0 9a cb e9 a4 48 91 19 d1 d5 65 46 5d 96 56 2a ab c6 14 bd 74 ba 0f 71 c4 f9 f5 1f 34 38 70 e0 c0 81 03 07 0e 1c 38 70 e0 c0 81 03 07 0e 1c 38 70 e0 c0 81 03 07 0e 9c ff eb b0 d8 06 dd 29 3b e4 c6 4a 11 b4 ed f2 c6 d1 8e 95 2c 6b fd 49 eb 55 38 e7 5a b1 f5 ed f6 4e 8b ba b3 3e 68 c9 b8 7f d7 3d db 59 27 89 f1 5e 38 d1 b2 d7 6c f5 fc f6 44 95 b3 83 a7 a5 75 4b 6d a8 94 c2 5c 49 16 37 36 64 48 86 b5 b3 75 3c 5b 3e da f0 a0 7d 20 95 b6 6e 7e dc 68 8e e7 ab fb 97 f9 2c de 94 39 7d d2 6c b1 d0 3c cf 7f db b7 fb af 78 be 19 63 fa f6 ec 94 b7 bd d7 b5 0f 1f 55 4a 16 1f 99 5d 4c 27 05 3f 94 8b d2 e4 bb 86 c4 f7 65 a6 2f c8 88 30 4c 76 1a 00 00 Data Ascii: MK0`!a` 2066%~{o?>G0HeF]V*tq48p8p8p);J,kIU8ZN>h=Y'^8lDuKm\I76dHu<[>} n~h,9}l<xcUJ]L'?e/0Lv |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 194.34.232.147 |
Source: ~WRS{77360496-4BBE-44C6-A84F-CB369D560D67}.tmp.0.dr |
String found in binary or memory: http://194.34.232.147/side.html |
Source: ~WRF{F962F304-2A52-4E33-A96C-51EE6F4187D8}.tmp.0.dr |
String found in binary or memory: http://194.34.232.147/side.html% |
Source: ~WRF{F962F304-2A52-4E33-A96C-51EE6F4187D8}.tmp.0.dr |
String found in binary or memory: http://194.34.232.147/side.html%x-usc:http://194.34.232.147/side.html |
Source: ~WRF{F962F304-2A52-4E33-A96C-51EE6F4187D8}.tmp.0.dr |
String found in binary or memory: http://194.34.232.147/side.htmlyX |
Source: document.xml.rels, type: SAMPLE |
Matched rule: SUSP_Doc_WordXMLRels_May22 date = 2022-05-30, author = Tobias Michalski, Christian Burkard, Wojciech Cieslak, description = Detects a suspicious pattern in docx document.xml.rels file as seen in CVE-2022-30190 / Follina exploitation, reference = https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e, score = , modified = 2022-06-02, hash = 62f262d180a5a48f89be19369a8425bec596bc6a02ed23100424930791ae3df0 |
Source: document.xml.rels, type: SAMPLE |
Matched rule: EXPL_CVE_2021_40444_Document_Rels_XML date = 2021-09-10, author = Jeremy Brown / @alteredbytes, description = Detects indicators found in weaponized documents that exploit CVE-2021-40444, reference = https://twitter.com/AlteredBytes/status/1435811407249952772 |
Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\side[1].htm, type: DROPPED |
Matched rule: EXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22 date = 2022-05-30, author = Tobias Michalski, Christian Burkard, description = Detects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation, reference = https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e, score = , modified = 2022-05-31, hash = 4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784 |
Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\side[1].htm, type: DROPPED |
Matched rule: EXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22 date = 2022-05-30, author = Tobias Michalski, Christian Burkard, description = Detects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation, reference = https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e, score = , modified = 2022-05-31, hash = 4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784 |
Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\47FC82E2.htm, type: DROPPED |
Matched rule: EXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22 date = 2022-05-30, author = Tobias Michalski, Christian Burkard, description = Detects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation, reference = https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e, score = , modified = 2022-05-31, hash = 4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784 |
Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\34450540.htm, type: DROPPED |
Matched rule: EXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22 date = 2022-05-30, author = Tobias Michalski, Christian Burkard, description = Detects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation, reference = https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e, score = , modified = 2022-05-31, hash = 4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784 |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX |
Jump to behavior |