Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 23, 2024, 9:04 a.m. | July 23, 2024, 9:05 a.m. |
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_ApplyPatches
612-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_ApplyPatches
1592
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_ApplyPatchesCaseSensitive
2252-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_ApplyPatchesCaseSensitive
504
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_FindPointerFromObjectTo
2388-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_FindPointerFromObjectTo
1700
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_AddPatchToArray
3020-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_AddPatchToArray
2124
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GenerateMergePatch
1620-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GenerateMergePatch
2764
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GenerateMergePatchCaseSensitive
2564-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GenerateMergePatchCaseSensitive
2888
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GeneratePatches
2968-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GeneratePatches
200
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GeneratePatchesCaseSensitive
1188-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GeneratePatchesCaseSensitive
2528
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GetPointer
2136-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GetPointer
2856
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GetPointerCaseSensitive
3040-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_GetPointerCaseSensitive
2400
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_MergePatch
2412-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_MergePatch
832
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_MergePatchCaseSensitive
2800-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_MergePatchCaseSensitive
2104
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_SortObject
1716-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_SortObject
1300
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_SortObjectCaseSensitive
1596-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSONUtils_SortObjectCaseSensitive
2796
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddArrayToObject
1692-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddArrayToObject
3172
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddBoolToObject
3108-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddBoolToObject
3244
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddFalseToObject
3308-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddFalseToObject
3448
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemReferenceToArray
3420-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemReferenceToArray
3584
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemReferenceToObject
3604-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemReferenceToObject
3744
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToArray
3732-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToArray
3936
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToObject
3892-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToObject
4060
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToObjectCS
4032-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddItemToObjectCS
3268
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddNullToObject
3260-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddNullToObject
3524
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddNumberToObject
3440-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddNumberToObject
3696
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddObjectToObject
3708-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddObjectToObject
3800
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddRawToObject
3972-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddRawToObject
3336
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddStringToObject
3220-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddStringToObject
2464
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddTrueToObject
3504-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_AddTrueToObject
3956
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Compare
2496-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Compare
3392
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateArray
3808-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateArray
3100
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateArrayReference
4028-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateArrayReference
3288
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateBool
3928-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateBool
3776
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateDoubleArray
3120-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateDoubleArray
4280
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateFalse
4272-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateFalse
4380
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateFloatArray
4452-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateFloatArray
4624
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateIntArray
4576-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateIntArray
4768
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateNull
4740-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateNull
4912
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateNumber
4880-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateNumber
5040
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateObject
5028-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateObject
3472
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateObjectReference
4216-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateObjectReference
4444
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateRaw
4464-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateRaw
4656
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateString
4636-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateString
4940
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateStringArray
4900-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateStringArray
4188
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateStringReference
5076-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateStringReference
4540
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateTrue
4496-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_CreateTrue
4720
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Delete
4736-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Delete
4196
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromArray
4320-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromArray
5456
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromObject
5480-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromObject
5696
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromObjectCaseSensitive
5628-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DeleteItemFromObjectCaseSensitive
5780
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromArray
5804-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromArray
5976
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromObject
5924-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromObject
6060
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromObjectCaseSensitive
6100-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemFromObjectCaseSensitive
5548
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemViaPointer
5512-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_DetachItemViaPointer
5720
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Duplicate
5836-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_Duplicate
6044
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetArrayItem
5992-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetArrayItem
5516
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetArraySize
5564-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetArraySize
5552
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetErrorPtr
5996-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetErrorPtr
5920
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetNumberValue
6120-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetNumberValue
4552
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetObjectItem
6096-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetObjectItem
5788
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetObjectItemCaseSensitive
5856-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetObjectItemCaseSensitive
6116
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetStringValue
6184-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_GetStringValue
6376
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_HasObjectItem
6292-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_HasObjectItem
6472
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_InitHooks
6412-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_InitHooks
6668
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_InsertItemInArray
6596-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_InsertItemInArray
6768
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsArray
6756-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsArray
6972
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsBool
6924-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsBool
7088
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsFalse
7080-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsFalse
6136
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsInvalid
6280-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsInvalid
6372
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsNull
6504-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsNull
6712
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsNumber
6608 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\mscorsvc.dll,cJSON_IsObject
6876
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
pdb_path | D:\c++\Mal_Cookie_x64\x64\Release\mscorsvc.pdb |
section | _RDATA |
Bkav | W64.AIDetectMalware |
Elastic | malicious (moderate confidence) |
Cynet | Malicious (score: 100) |
ESET-NOD32 | a variant of Win64/PSW.Agent.HR |
Kaspersky | UDS:Trojan.Win32.Loader.jga |
McAfeeD | ti!4AD9845E691D |
Ikarus | Win32.Outbreak |
Microsoft | Trojan:Win32/Casdet!rfn |
ZoneAlarm | UDS:Trojan.Win32.Loader.jga |
SentinelOne | Static AI - Suspicious PE |