Overview
overview
7Static
static
7MiniIE/CN_...ch.htm
windows7-x64
1MiniIE/CN_...ch.htm
windows10-2004-x64
1MiniIE/CN_...ch.htm
windows7-x64
1MiniIE/CN_...ch.htm
windows10-2004-x64
1MiniIE/CN_...ge.htm
windows7-x64
1MiniIE/CN_...ge.htm
windows10-2004-x64
1MiniIE/CN_...ot.htm
windows7-x64
1MiniIE/CN_...ot.htm
windows10-2004-x64
1MiniIE/CN_...op.htm
windows7-x64
1MiniIE/CN_...op.htm
windows10-2004-x64
1MiniIE/COMCTL32.dll
windows7-x64
1MiniIE/COMCTL32.dll
windows10-2004-x64
1MiniIE/COMDLG32.dll
windows7-x64
1MiniIE/COMDLG32.dll
windows10-2004-x64
1MiniIE/MSINET.dll
windows7-x64
1MiniIE/MSINET.dll
windows10-2004-x64
1MiniIE/Min...re.exe
windows7-x64
1MiniIE/Min...re.exe
windows10-2004-x64
1MiniIE/MiniIE.exe
windows7-x64
3MiniIE/MiniIE.exe
windows10-2004-x64
1MiniIE/MiniIE_2.exe
windows7-x64
1MiniIE/MiniIE_2.exe
windows10-2004-x64
1MiniIE/Min...ox.exe
windows7-x64
1MiniIE/Min...ox.exe
windows10-2004-x64
1MiniIE/Min...fo.exe
windows7-x64
1MiniIE/Min...fo.exe
windows10-2004-x64
1MiniIE/MiniIE_SDD.dll
windows7-x64
1MiniIE/MiniIE_SDD.dll
windows10-2004-x64
1MiniIE/Update.exe
windows7-x64
1MiniIE/Update.exe
windows10-2004-x64
1MiniIE/新...��.url
windows7-x64
1MiniIE/新...��.url
windows10-2004-x64
1Analysis
-
max time kernel
140s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
05/03/2024, 04:58
Behavioral task
behavioral1
Sample
MiniIE/CN_MiniIE_ErrorPage_Search.htm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
MiniIE/CN_MiniIE_ErrorPage_Search.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
MiniIE/CN_MiniIE_Search.htm
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
MiniIE/CN_MiniIE_Search.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
MiniIE/CN_MiniIE_StartPage.htm
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
MiniIE/CN_MiniIE_StartPage.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
MiniIE/CN_MiniIE_StartPage_Bot.htm
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
MiniIE/CN_MiniIE_StartPage_Bot.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
MiniIE/CN_MiniIE_StartPage_Top.htm
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
MiniIE/CN_MiniIE_StartPage_Top.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
MiniIE/COMCTL32.dll
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
MiniIE/COMCTL32.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
MiniIE/COMDLG32.dll
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
MiniIE/COMDLG32.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
MiniIE/MSINET.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
MiniIE/MSINET.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
MiniIE/MiniIE-Capture.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
MiniIE/MiniIE-Capture.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
MiniIE/MiniIE.exe
Resource
win7-20240220-en
Behavioral task
behavioral20
Sample
MiniIE/MiniIE.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
MiniIE/MiniIE_2.exe
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
MiniIE/MiniIE_2.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
MiniIE/MiniIE_FavoriteBox.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
MiniIE/MiniIE_FavoriteBox.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
MiniIE/MiniIE_Info.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
MiniIE/MiniIE_Info.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
MiniIE/MiniIE_SDD.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
MiniIE/MiniIE_SDD.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
MiniIE/Update.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
MiniIE/Update.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
MiniIE/新云软件.url
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
MiniIE/新云软件.url
Resource
win10v2004-20240226-en
General
-
Target
MiniIE/MiniIE.exe
-
Size
204KB
-
MD5
9d94d28ba02d8ca5618aa2522890fd50
-
SHA1
69fe8c955c91eda9cf177ea7b0fd77a488cdbf4c
-
SHA256
164abbc13f5215abf952931611328a369cdefcae681158d45c17adb98b444ffe
-
SHA512
c4f5a1713d348e4eb0abcb24fac5a23afe0162e339ea425cdc818996731afd8dc228a7a3a1acd94d80aa44b99ea53dad07918d94add29c1fada7386a814e35cb
-
SSDEEP
6144:tw+jHXPmIHnqxnEmw2hjJ05bOTN1B7nSWiR:tlm0q1/b5J0RQNLMR
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\Software\Microsoft\Internet Explorer\TypedURLs MiniIE.exe -
Modifies registry class 64 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EC0AB1C0-6CAB-11CF-8998-00AA00688B10}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib\Version = "1.3" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{612A8625-0FB3-11CE-8747-524153480004}\TypeLib MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2C787A50-E01C-11CF-8E74-00A0C90F26F8}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8D0-850A-101B-AFC0-4210102A8DA7}\ = "IProgressBar10" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8AF-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{58DA8D91-9D6A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32 MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7791BA52-E020-11CF-8E74-00A0C90F26F8}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4D83602-895E-11D0-B0A6-000000000000}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{58DA8D8B-9D6A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{58DA8D90-9D6A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4D83602-895E-11D0-B0A6-000000000000}\ = "IListItem" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8AE-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32 MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352} MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\MiniIE\\COMCTL32.OCX" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E791-850A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2C787A52-E01C-11CF-8E74-00A0C90F26F8}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7791BA60-E020-11CF-8E74-00A0C90F26F8}\ProxyStubClsid32 MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4D83601-895E-11D0-B0A6-000000000000}\TypeLib\Version = "1.3" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EC0AB1C0-6CAB-11CF-8998-00AA00688B10}\ = "IControls" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\InternetShortcut\shell\open\command MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352} MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\MiniIE\\COMCTL32.OCX" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7791BA62-E020-11CF-8E74-00A0C90F26F8}\TypeLib MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BF877896-E026-11CF-8E74-00A0C90F26F8}\TypeLib MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502} MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\ = "Toolbar General Property Page Object" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E451-850A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\http\shell\MiniIE MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\MiscStatus\1\ = "131473" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9ED94442-E5E8-101B-B9B5-444553540000}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7791BA62-E020-11CF-8E74-00A0C90F26F8}\TypeLib\Version = "1.3" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4D83604-895E-11D0-B0A6-000000000000}\TypeLib\Version = "1.3" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32\ThreadingModel = "Apartment" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\COMCTL.Slider\CurVer MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E6E17E8A-DF38-11CF-8E74-00A0C90F26F8} MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0713E451-850A-101B-AFC0-4210102A8DA7}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8B0-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BF877890-E026-11CF-8E74-00A0C90F26F8}\TypeLib MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EC0AB1C0-6CAB-11CF-8998-00AA00688B10}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" MiniIE.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB} MiniIE.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7} MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352} MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E791-850A-101B-AFC0-4210102A8DA7}\TypeLib\Version = "1.3" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0713E8D1-850A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7791BA62-E020-11CF-8E74-00A0C90F26F8}\ProxyStubClsid32 MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8B1-850A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0002DF01-0000-0000-C000-000000000046}\LocalServer32 MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\MiniIE\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\MiniIE\\MiniIE.exe\" \"%1\"" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\ProgID\ = "COMCTL.ListViewCtrl.1" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\COMCTL.TreeCtrl.1\CLSID\ = "{0713E8A2-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B7E6391-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32 MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0713E8D0-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\ = "0" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F9043C87-F6F2-101A-A3C9-08002B2F49FB}\ = "ICommonDialogEvents" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\COMCTL.ImageListCtrl.1\CLSID\ = "{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\MiscStatus\1 MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0713E8A7-850A-101B-AFC0-4210102A8DA7}\ProxyStubClsid32 MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{58DA8D95-9D6A-101B-AFC0-4210102A8DA7}\TypeLib\Version = "1.3" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E6E17E86-DF38-11CF-8E74-00A0C90F26F8}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" MiniIE.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4D83603-895E-11D0-B0A6-000000000000}\TypeLib\ = "{6B7E6392-850A-101B-AFC0-4210102A8DA7}" MiniIE.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{58DA8D91-9D6A-101B-AFC0-4210102A8DA7}\TypeLib MiniIE.exe -
Suspicious use of FindShellTrayWindow 2 IoCs
pid Process 2124 MiniIE_Info.exe 2124 MiniIE_Info.exe -
Suspicious use of SendNotifyMessage 2 IoCs
pid Process 2124 MiniIE_Info.exe 2124 MiniIE_Info.exe -
Suspicious use of SetWindowsHookEx 10 IoCs
pid Process 2308 MiniIE.exe 2308 MiniIE.exe 2308 MiniIE.exe 3968 MiniIE_2.exe 3968 MiniIE_2.exe 3968 MiniIE_2.exe 4916 MiniIE.exe 4916 MiniIE.exe 4916 MiniIE.exe 2124 MiniIE_Info.exe -
Suspicious use of WriteProcessMemory 9 IoCs
description pid Process procid_target PID 2308 wrote to memory of 3968 2308 MiniIE.exe 94 PID 2308 wrote to memory of 3968 2308 MiniIE.exe 94 PID 2308 wrote to memory of 3968 2308 MiniIE.exe 94 PID 3968 wrote to memory of 4916 3968 MiniIE_2.exe 98 PID 3968 wrote to memory of 4916 3968 MiniIE_2.exe 98 PID 3968 wrote to memory of 4916 3968 MiniIE_2.exe 98 PID 4916 wrote to memory of 2124 4916 MiniIE.exe 99 PID 4916 wrote to memory of 2124 4916 MiniIE.exe 99 PID 4916 wrote to memory of 2124 4916 MiniIE.exe 99
Processes
-
C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe"C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe"1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2308 -
C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_2.exeC:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_2.exe FirstUseC:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe2⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3968 -
C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exeC:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE.exe3⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4916 -
C:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_Info.exeC:\Users\Admin\AppData\Local\Temp\MiniIE\MiniIE_Info.exe MiniIE - ÕýÔÚ¼ì²é¸üУ¬ÇëÉÔºò... 1 ...4⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2124
-
-
-