Windows Analysis Report
https://www.adobe.com/go/ConnectShell11

Overview

General Information

Sample URL:	https://www.adobe.com/go/ConnectShell11
Analysis ID:	791294
Infos:

Detection

Score:	4
Range:	0 - 100
Whitelisted:	false
Confidence:	40%

Signatures

Drops files with a non-matching file extension (content does not match file extension)

Queries the volume information (name, serial number etc) of a device

Drops certificate files (DER)

Drops PE files

Tries to load missing DLLs

Stores files to the Windows start menu directory

Found dropped PE file which has not been started or loaded

Abnormal high CPU Usage

Classification

Signatures

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConnectInstallDebug.log

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Registry value created: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Connect App

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Documents\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local\Temp
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Desktop\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup

Drops certificate files (DER)

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\digest.s

Jump to dropped file

Tries to load missing DLLs

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: linkinfo.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: ntshrui.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: srvcli.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: cscapi.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: netutils.dll

Abnormal high CPU Usage

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process Stats: CPU usage > 98%

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.adobe.com/go/ConnectShell11
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5628 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5684 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5924 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5188 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe "C:\Users\eyup\Downloads\ConnectShellSetup11.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5628 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5684 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe C:\Users\eyup\AppData\Roaming\Adobe\Connect\connectdetector.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5924 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5188 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe "C:\Users\eyup\Downloads\ConnectShellSetup11.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe C:\Users\eyup\AppData\Roaming\Adobe\Connect\connectdetector.exe
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32

Source: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\{F45F2585-6943-4DD9-8740-1602C5BF9D13}

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\eyup\Downloads\6bcc8cff-6afa-4c34-b8b1-3a042b0a5bd0.tmp

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\Con553D.tmp

Source: classification engine

Classification label: clean4.win@39/50@0/86

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File read: C:\Users\desktop.ini

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File opened: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\cr_win_client_config.cfg

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Registry value created: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Connect App

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\eyup\Downloads\Unconfirmed 658627.crdownload

Jump to dropped file

Drops PE files

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcef.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Dmo.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Opus.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\concrt140.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: unknown (copy)	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcrypto-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libvpxfm.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\6bcc8cff-6afa-4c34-b8b1-3a042b0a5bd0.tmp	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AudioProcessing.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.JsonNet.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libyuvfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\ConnectDetector.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRWindowsClientService.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libaudioprocessingfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopusfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\librnnoise.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe (copy)	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Log4Net.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Yuv.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libGLESv2.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Vpx.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRClient.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopenh264fm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.WinForms.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libnvidiafm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.NAudio.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_elf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\Connect.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRLogTransport.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\BouncyCastle.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\Unconfirmed 658627.crdownload	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.SharpDX.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Wpf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Nvidia.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.XirSys.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\EncoderHelper.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.DirectShow.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libssl-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libEGL.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.OpenH264.dll	Jump to dropped file

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConnectInstallDebug.log

Stores files to the Windows start menu directory

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ConnectDetector
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ConnectDetector

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process information set: NOOPENFILEERRORBOX

Found dropped PE file which has not been started or loaded

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcef.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Dmo.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Opus.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\concrt140.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcrypto-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libvpxfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AudioProcessing.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.JsonNet.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libyuvfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRWindowsClientService.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libaudioprocessingfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopusfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\librnnoise.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Log4Net.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Yuv.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libGLESv2.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRClient.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Vpx.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopenh264fm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.WinForms.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libnvidiafm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.NAudio.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_elf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRLogTransport.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\Connect.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\BouncyCastle.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Wpf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.SharpDX.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.XirSys.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Nvidia.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\EncoderHelper.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.DirectShow.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libssl-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libEGL.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.OpenH264.dll	Jump to dropped file

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process information queried: ProcessInformation

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File Volume queried: C:\Users\eyup\AppData\Local\Temp FullSizeInformation

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Documents\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local\Temp
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Desktop\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
142.250.185.78	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
2.16.238.27	unknown	European Union	20940	AKAMAI-ASN1EU	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
2.19.126.84	unknown	European Union	16625	AKAMAI-ASUS	false
2.16.238.9	unknown	European Union	20940	AKAMAI-ASN1EU	false
2.19.126.92	unknown	European Union	16625	AKAMAI-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.184.205	unknown	United States	15169	GOOGLEUS	false
142.250.186.99	unknown	United States	15169	GOOGLEUS	false
142.250.74.196	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Name	Type	MD5	SHA1	SHA256
C:\Users\eyup\AppData\Local\Microsoft\Windows\INetCache\IE\R9BYEINB\Payload11_2022_10_42[1].zip	Zip archive data, at least v2.0 to extract, compression method=deflate	B14D7997ED15894BEFF9D994E5324B41	1930AB83F8E635CCB0F6696F71BC2925B1C633B4	15826C13312125EAB6EA3C42F873D45A19D09F05E2BA7099BC19B4A93B0C7511
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.DirectShow.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	F2D4A234480D899864AD5D702890F1B7	A5D7C5D44BFC44769D02C4736A86EC5119B8E6C9	DFF6E2D4BDCEE7D012FBDE3A161C42F9FA15295A98C49A3D45CDF2AED395F3F7
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	53402447207D3969CCBD5D42D4DC448B	881E39FA58A44EEDBD9660A070096FC87BDFF730	65C709F5511B10F41013AE71B04999BD61EE1209199E8CC1D498E17287C04FB0
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	7ABFC5592FA3F1F3107D44854D11CD5A	75C52AF7A2365CE6194A9181C4F49A5749FEED71	D7FB60D87973C85F3B3E5E2160F576ABFAC1B1D0C2F8F0BF199393EB32B6EC75
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\BouncyCastle.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	5A476B11A9309B6071B305136B28DDF6	E8AFE5C560B37BAC951F0CDA44C3CD51A82416E2	36F7ED5D21CEB669FFE3645EBB9AEA2BBF20E12ECB198ED869FEA240793BFC73
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRClient.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	8E5BBF03A5535F0150D8CF8F0527E640	54E28824D81D6B9369F081652157FB68FAEACF70	6D581AA932104C5B8C198536D85708054EFF1BB106D5E161C857DD2F81AD1FD5
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRLogTransport.exe	PE32 executable (console) Intel 80386, for MS Windows	793EF24C0B30AC343E9F5DD2550B7E7D	DDDAAA80E2C6EE2D8C321B8FBABEEFBEBB27D365	1EAD67900D3A3DA1AF364899B944E0DE4A101BC3C8CAFA8F179A0BF32911ECD1
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRWindowsClientService.exe	PE32+ executable (GUI) x86-64, for MS Windows	B1D2B5079FC5859CA3D5149EE7AEACCF	0EC38B6E2B29B56D62C565241D97DD143BB50EBA	EF5FFDEFB493DA1898246C8D9F202E218188C28C6FCD695F34B0D12A2136D995
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\Connect.exe	PE32+ executable (GUI) x86-64, for MS Windows	6B2652F2F1395CC69F6059D5E8248D8B	0510D81EE1EEAF0CEE41A54A3ECCB3C01314E635	62FE0232955662E7F06351A8B7DADC7FDF0B603B1F42F2CA7953A2398E2664AE
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\ConnectDetector.exe	PE32+ executable (GUI) x86-64, for MS Windows	77A4C18414964E80B8BBBADF52319578	389A72B64274B2C171548A6C899D4BBB0EE17CDF	1BB861DCA97F170E7B454E136936A9838133EE7977887403F45362E019BA9F2F
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\EncoderHelper.exe	PE32 executable (console) Intel 80386, for MS Windows	136A540ED3C87AF402401646FF8C09A7	9C3228A4634039D826144FCB880234394B1CACAA	C6616BD25BA2DF064BF9A7CF18C301BE03472CE73CF9A998FC9682914BD2BA92
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AForge.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	042721E52D2319341D6DFA68142A178F	F7921E86921AE26B73EC2F46DC27E00DD4958810	CBF3FDED17EB548969B3C295A6537487AE28DE69A6C91466690A571C21061C27
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AudioProcessing.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	65DD938E2C4FB23F965426639A12472E	7AA7E4E8C552409E0E6B41778FFE811E1378F2E9	FA58BE83A100D8B1E52E25B3A35A433BC2A7A90309A7ECDA3B4A368A49A7FE47
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Dmo.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	797408A86A1E26BA934E1717089D19F0	77070A968A2AC31E6EAB201A9811D158B83314A2	BD7CAFA1840E21DEABA9EDFDED81FC19074F642315B4ADC6D4FF5726B6D74D3F
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.JsonNet.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	E5E414993A811DA7D0E0168B24568905	1DA475B68A926829DE06C84AEEB5090176895BAA	B07A1A9EB60BFA8353996915CB2775A2943C5F911E0F5D8697A169B8CB37062F
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Log4Net.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	BC04AD8DA42F4066065D11ECC571691D	096C3502D59BF8B2FEAD503CE350EAF5DE83A32D	3151AEF429915E30AA7DB46F19AE53A5DDDBDDA12B7116CAAB2369CA841DCA21
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.NAudio.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	A3BB2B8E6A73CF5D3C152AF36FA93C0F	9057CF1BDEB7BF7A84C8E5E52F6C67620E06ACE5	74593E4567F6064E77CF9E3CCD951FAAFFB28911539BFE99DDCCBC66FBC24E19
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Nvidia.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	E6855C04E63490063D0EDF9054254115	E89165247310A02FEA14A51F9EECC4739F85E369	C3FB9F335930168B73F1D3500AA7944398C42EC2EB6F17B78388B70FBA8EFC39
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.OpenH264.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	D0C3EE892C6A228769790CA621A930A1	54A15CBD69C5558853DD6BFDF48D8AB2FAE9EAE4	5F9C2005FE2717DF76C73F56C3966E080A1F48BFF033652587DECC97F111D35E
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Opus.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	30031A90FCB9CBD701D7B76738EEB497	78E68C62B4C4B7CD9C2EB695C9DBB01C6232F50E	616A9C369F92A3263959F78861956D8DFC12B1CAA8125ED0BC920B5799684ED7
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.SharpDX.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	EDD820F6AABF88214032398717E5B3F3	A4AEE2576C3014307722BC5AD3FB3CF180A36438	87DDDE6A84B04E63D5BDECF71667945321B4AECCD7F98E5128F49A666C3E3F0B
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Vpx.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	41878D1047F5D27B470D4968736AF2A3	076ADFD9A02063113405BDB0D3D18050022B0CD5	C2AA79494B3389EF5315D0E8783359EE5BE688C12E19597ADB2607BFCA43B19B
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.WinForms.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	0F15CBBF554E12B62F5FB4A8CD2253E3	0F4D36FBB83C403B07CE29B8B0D96BB55FE3B77B	A056FC0CED4006867E2574CBD0EA4AE8272DDFFA87762D85B17DE30C643071E8
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Wpf.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	EB5D3923C13EE0B9F5137D86B680310D	A01BFE4DEAB28471878A0304B51DDCF26A2E3D57	9CC587C2AA3899500A79BBBA7C2240574C5611EB5EF8CA20B9AD17361BB5BC4C
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.XirSys.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	B18A5755E3F42D5B00C0DC82C82D5E00	C4981E3EB180FFD616B864546FBBD5A59E61B16A	CCBF2B5596D3AA4F75EF9BB98D7F1DD2F5650DDFCEFD1CB615264D89C5E23514
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Yuv.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	BFDAE019489EEA9ED2048DD3EE087147	E8DFA882CD929414B0415650E59AF9F1FE8632CC	5321FE3EB073F7A3441FD2DC91A8D3B5E6215F8CDC39CFABF4E3D1E1519D4074
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.dll	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	D4A244965DA27169F4540F9A3E32FED7	3A9331F67427F88A0A0D7166CC25A8C2163E0A62	6724C5009AE426CAA1C3AD4A4C80BA609A2CE586E28984EAA022B63CFB520052
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_100_percent.pak	data	E71E9363E542BBB9A25B46FBD4CD9865	C99CF477EAE30F5F04DA31513A9E92E16E43F858	225207498D45DA5CA15705A98C7197521114AF0A5526DFB21BF89E56647676E3
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_200_percent.pak	data	D84BE5F1BB86BD7F04E01CDBF183A247	868534E57E74D830729C66EBAFCF9816A8E0D14B	C35FCF898F5D406E0F3BC3720EB6920617D0C2FE04F25AA57BA4D2C851F8DE4B
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_elf.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	B872E030CCAE6134A9B12AE86F69BDEE	FD6D91F8127D11046F5BD9181FDD46DE6023DA45	6438515197781187BCAE1EDF19B160AEE1E5B807703AA865439D3A6094CA893F
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\concrt140.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	DE9EDD37564BF089900CA3AB7B55262D	7986976BCBBA012963E92EE8009D6CD44D85D636	929F0AB59E68BF68D64497AADC7D0D8F0821CD5FC563EBDB1ED35E6F04A892BE
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\cr_win_client_config.cfg	ASCII text, with CRLF line terminators	0A5F7737B4D557942779D447A7D73F19	6105FBBE46C41639848F5A87804025CE2C33026D	75D1E0CAF25ACA7AF0D4CC83E53694B4F1E65B7CFD8508D9AB1D9BC0F2F45778
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\d3dcompiler_47.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	6DCEF834269270335651849DBBFA4EDF	511F631AA97690FFDAF20CDAC77AFDB8A4327CC2	B8AF8C7D667A272075973A50A0B886FDDA060A65596E3E8AA9398EE78936884E
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\digest.s	data	E41B11E4B777BED0033EE2B4C19B2FFC	D2DA219868807941D0B99612E9A38D9B4FE28F98	20DE433450C490C71FEDB9B499B66744B66E20FBD439230116E0FE62AEC3AC81
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libEGL.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	22B6BA6240495597D1F0F2F6AEBD3E94	B4770DEAD75F026FED7878919EA104FD3CDA6576	D0CC62BBD9887254E4F00044A8883F9094C58A2308F8EFDC7831597520F0EE85
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libGLESv2.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	28360667A17213D239B7F9040BC83431	BFE99B7584436D16D27D694939995D7493D29923	C852898353C19D903B67C3D8EC71C377C8A50F3DAB9D2A8EAEBBC5B58DA182FB
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libaudioprocessingfm.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	EBD1D9C0C38A2E8DEC423CBF483EBE5A	74839F7748EFCA2825FDF35B246E6526E92F8753	00C5391ACD30F320F75F76F841AE186E7B4D43B3262456DC410EA19BED6BCF29
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcef.dll	PE32+ executable (DLL) (console) x86-64, for MS Windows	9F903159A932D7805E9BEE2EDCD142C1	C1D347E11ACCEC1E64AECF564B33AB776E19E3E1	3CAB045E9542BBB2E03D524C49B62E67B5BE4E6D3D1C553A434E4E8DD368B896
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcrypto-1_1-x64.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	8A4B40A18CD80A0A884B150C45861242	CD0FD960574519610A4831EFB6D7967FDEDA515A	F69E2ACED60DFFA43BAB11394C7E211B41EBADC6FDE617BD4A018FA03B1D3CD2
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libnvidiafm.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	152B9B5CFD073255CD573579AFCF1B6C	CBBDDB2DF944F4B2F3608DF849DE7B7FE096B354	6A1E7BCBA7D0A36A3B2D5A4DFB1FB7D2E3C9D3B6074884D2DF33BE0AF4A94F61
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopenh264fm.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	87EBFC7BBC73564E86F4C29C7CDAA188	D150E6149858C79E276B229932B594D1C7836532	066D0C980BE9474627129AA75BF684100511133BD419A7C207688F182BF14DDA
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopusfm.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	D89109B8DE68329A0EDCE9908A4B3066	28C70BA2DBA2FBA514EB467ACB1452A269704E52	C3CBCB1725A6C87FAC2C4EFEEDB4138B769953942E4A08836CFB213C0629FB78
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\librnnoise.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	9C694B1150A0459E9299D69D857CEB9C	560DA90E2885F341C4C01DDD08D1B2E5E1731244	72FC0DA1FF38CDE730CE05FE5B910DD5E3DFDA88F1D87645876B221B7FF65E4E
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libssl-1_1-x64.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	65C5EEDA06BC04BC0259B37C3BCB99A4	97BEFF8AD9B589E9932C6D08DFF7C3E6DE2AE434	B01A264FA3C5F013CC7E01FB5D73166671D269EB74E91B01B02239CCB8CF03C3
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libvpxfm.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	9DCB576C9F513FC70C3AFF2B27DA19C7	C96A5C033A1A7EF0977A646A4987A7E8E7CA239E	7477362A1AF048D99A87EFF771F79CD590183964422060FA43C150A200FDC390
C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libyuvfm.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	BF74361A1F5705ADFB3C1E1A9E4A4B3B	AD4F2027A4BBFC46A54BD8532ED85E1D41C48C0B	055C976838EBBFDB88FF4FFD02A87D6181B055C60FFCA6D1BF514AB5BAAB3283
C:\Users\eyup\Downloads\6bcc8cff-6afa-4c34-b8b1-3a042b0a5bd0.tmp	PE32 executable (GUI) Intel 80386, for MS Windows	292A904E7EEB0FE1530B77CB3B7D1884	90BD2B0030272257CEE9745753B89A3A28B74401	BA28BDC67EAD566663FBBD9711E5D568C30E1014FDD6D12D7533678623E50431
C:\Users\eyup\Downloads\ConnectShellSetup11.exe (copy)	PE32 executable (GUI) Intel 80386, for MS Windows	00B6898BF01716F6FE6C1FC1E7256905	AEDD9210F27091F9B8AD654B4558609C2688379D	919ECA4E74525FE9A5CAAFCB0BE729BE64A9773D4607A2FB615F128F64B1FAAF
C:\Users\eyup\Downloads\Unconfirmed 658627.crdownload	PE32 executable (GUI) Intel 80386, for MS Windows	00B6898BF01716F6FE6C1FC1E7256905	AEDD9210F27091F9B8AD654B4558609C2688379D	919ECA4E74525FE9A5CAAFCB0BE729BE64A9773D4607A2FB615F128F64B1FAAF
unknown (copy)	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows	7ABFC5592FA3F1F3107D44854D11CD5A	75C52AF7A2365CE6194A9181C4F49A5749FEED71	D7FB60D87973C85F3B3E5E2160F576ABFAC1B1D0C2F8F0BF199393EB32B6EC75

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConnectInstallDebug.log

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Registry value created: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Connect App

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Documents\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local\Temp
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Desktop\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup

Drops certificate files (DER)

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\digest.s

Jump to dropped file

Tries to load missing DLLs

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: linkinfo.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: ntshrui.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: srvcli.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: cscapi.dll
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Section loaded: netutils.dll

Abnormal high CPU Usage

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process Stats: CPU usage > 98%

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.adobe.com/go/ConnectShell11
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5628 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5684 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5924 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5188 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe "C:\Users\eyup\Downloads\ConnectShellSetup11.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5628 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5684 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe C:\Users\eyup\AppData\Roaming\Adobe\Connect\connectdetector.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5924 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5188 --field-trial-handle=1776,i,12495699109451929491,2760430471534754406,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe "C:\Users\eyup\Downloads\ConnectShellSetup11.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe C:\Users\eyup\AppData\Roaming\Adobe\Connect\connectdetector.exe
Source: unknown	Process created: C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe "C:\Users\eyup\AppData\Roaming\Adobe\Connect\Connect.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32

Source: C:\Users\eyup\AppData\Roaming\Adobe\Connect\ConnectDetector.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\{F45F2585-6943-4DD9-8740-1602C5BF9D13}

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\eyup\Downloads\6bcc8cff-6afa-4c34-b8b1-3a042b0a5bd0.tmp

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\Con553D.tmp

Source: classification engine

Classification label: clean4.win@39/50@0/86

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File read: C:\Users\desktop.ini

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File opened: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\cr_win_client_config.cfg

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Registry value created: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Connect App

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\eyup\Downloads\Unconfirmed 658627.crdownload

Jump to dropped file

Drops PE files

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcef.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Dmo.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Opus.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\concrt140.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: unknown (copy)	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcrypto-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libvpxfm.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\6bcc8cff-6afa-4c34-b8b1-3a042b0a5bd0.tmp	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AudioProcessing.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.JsonNet.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libyuvfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\ConnectDetector.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRWindowsClientService.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libaudioprocessingfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopusfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\librnnoise.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\ConnectShellSetup11.exe (copy)	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Log4Net.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Yuv.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libGLESv2.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Vpx.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRClient.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopenh264fm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.WinForms.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libnvidiafm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.NAudio.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_elf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\Connect.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRLogTransport.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\BouncyCastle.dll	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\eyup\Downloads\Unconfirmed 658627.crdownload	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.SharpDX.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Wpf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Nvidia.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.XirSys.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\EncoderHelper.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.DirectShow.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libssl-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libEGL.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File created: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.OpenH264.dll	Jump to dropped file

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Local\Temp\ConnectInstallDebug.log

Stores files to the Windows start menu directory

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File created: C:\Users\eyup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ConnectDetector
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ConnectDetector

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process information set: NOOPENFILEERRORBOX

Found dropped PE file which has not been started or loaded

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcef.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Dmo.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Opus.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\concrt140.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libcrypto-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libvpxfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AudioProcessing.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.JsonNet.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libyuvfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRWindowsClientService.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libaudioprocessingfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopusfm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\librnnoise.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Log4Net.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Yuv.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libGLESv2.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRClient.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Vpx.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libopenh264fm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.WinForms.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libnvidiafm.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.NAudio.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\chrome_elf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.AForge.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\CRLogTransport.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\Connect.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\BouncyCastle.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Wpf.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.SharpDX.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.XirSys.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.Nvidia.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\EncoderHelper.exe	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\AForge.Video.DirectShow.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libssl-1_1-x64.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\libEGL.dll	Jump to dropped file
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Dropped PE file which has not been started: C:\Users\eyup\AppData\Local\Temp\ConB14B.tmp\FM.LiveSwitch.OpenH264.dll	Jump to dropped file

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

Process information queried: ProcessInformation

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe

File Volume queried: C:\Users\eyup\AppData\Local\Temp FullSizeInformation

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Documents\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData\Local\Temp
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\Desktop\desktop.ini
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup\AppData
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	File opened: C:\Users\eyup

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation
Source: C:\Users\eyup\Downloads\ConnectShellSetup11.exe	Queries volume information: C:\Users\eyup\AppData\Local\Temp\Con56D6.tmp.zip VolumeInformation

ID:	791294
Product:	CloudBasic
Start time:	09:38:36
Start date:	25.01.2023
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 64 bit version 1909 (MS Office 2019, IE 11, Chrome 104, Firefox 88, Adobe Reader DC 21, Java 8 u291, 7-Zip)
Architecture:	WINDOWS

Windows Analysis Report
https://www.adobe.com/go/ConnectShell11

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Spreading

E-Banking Fraud

System Summary

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Network Map

Contacted Public IPs

Private

Windows Analysis Report https://www.adobe.com/go/ConnectShell11

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Spreading

E-Banking Fraud

System Summary

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Network Map

Contacted Public IPs

Private

Windows Analysis Report
https://www.adobe.com/go/ConnectShell11