What is DisplayLinkUI.exe?
DisplayLinkUI.exe is part of DisplayLink Core Software v8.6.1317.0 and developed by DisplayLink Corp. according to the DisplayLinkUI.exe version information.
DisplayLinkUI.exe's description is "DisplayLinkUI Sys-Tray Application"
DisplayLinkUI.exe is digitally signed by DISPLAYLINK (UK) LIMITED.
DisplayLinkUI.exe is usually located in the 'C:\Program Files\DisplayLink Core Software\' folder.
None of the anti-virus scanners at VirusTotal reports anything malicious about DisplayLinkUI.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
Vendor and version information [?]
The following is the available information on DisplayLinkUI.exe:
| Property | Value |
|---|---|
| Product name | DisplayLink Core Software v8.6.1317.0 |
| Company name | DisplayLink Corp. |
| File description | DisplayLinkUI Sys-Tray Application |
| Internal name | DisplayLinkUI |
| Original filename | DisplayLinkUI.exe |
| Legal copyright | Copyright (c) 2003 - 2018 DisplayLink (UK) Ltd. All rights reserved. |
| Product version | 8, 6, 1317, 0 |
| File version | 8, 6, 1317, 0 |
Here's a screenshot of the file properties when displayed by Windows Explorer:
| Product name | DisplayLink Core Software v8.6.1317.0 |
| Company name | DisplayLink Corp. |
| File description | DisplayLinkUI Sys-Tray Application |
| Internal name | DisplayLinkUI |
| Original filename | DisplayLinkUI.exe |
| Legal copyright | Copyright (c) 2003 - 2018 DisplayLin.. |
| Product version | 8, 6, 1317, 0 |
| File version | 8, 6, 1317, 0 |
Digital signatures [?]
DisplayLinkUI.exe has a valid digital signature.
| Property | Value |
|---|---|
| Signer name | DISPLAYLINK (UK) LIMITED |
| Certificate issuer name | Symantec Class 3 SHA256 Code Signing CA |
| Certificate serial number | 2b4bb6b5c03e21301c2a419a4a1d5f14 |
VirusTotal report
None of the 73 anti-virus programs at VirusTotal detected the DisplayLinkUI.exe file.
Sandbox Report
The following information was gathered by executing the file inside Cuckoo Sandbox.
Summary
Successfully executed process in sandbox.
Summary
{
"file_created": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\DisplayLinkUI.log"
],
"dll_loaded": [
"AddOnApi64.dll",
"kernel32",
"SHELL32.dll",
"kernel32.dll",
"wtsapi32.dll",
"dwmapi.dll",
"ole32.dll",
"C:\\Windows\\system32\\uxtheme.dll"
],
"file_failed": [
"C:\\Windows\\Temp\\DisplayLink\\"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software",
"HKEY_LOCAL_MACHINE\\Software",
"HKEY_CURRENT_USER\\Software\\DisplayLink",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\DisplayLink"
],
"file_written": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\DisplayLinkUI.log"
],
"file_exists": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\18d1c68de94170aa6a06739a1993c3776785a2690b1f9f347fe67ef45301afd3.bin"
],
"mutex": [
"Local\\DisplayLinkUI_prevInstanceDetector"
],
"file_opened": [
"C:\\",
"C:\\Windows\\Globalization\\Sorting\\sortdefault.nls",
"C:\\Users\\",
"C:\\Users\\cuck\\",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\",
"C:\\Windows\\System32\\en-US\\KERNELBASE.dll.mui",
"C:\\Users\\cuck\\AppData\\Local\\",
"C:\\Users\\cuck\\AppData\\",
"C:\\DosDevices\\pipe\\"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir (x86)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\StreamResource"
]
}Dropped
[
{
"yara": [],
"sha1": "3ae5fdd8f784a655a7cb5a012ac24d97723b7b27",
"name": "8c2f7c00b43e1d7f_displaylinkui.log",
"filepath": "C:\\Users\\cuck\\AppData\\Local\\Temp\\DisplayLinkUI.log",
"type": "ASCII text, with very long lines, with CRLF line terminators",
"sha256": "8c2f7c00b43e1d7fc854b055a3cf2809c0781283252f6dbe01bee56df81f8ded",
"urls": [],
"crc32": "C7C145CC",
"path": "\/home\/hpuser\/.cuckoo\/storage\/analyses\/1318\/files\/8c2f7c00b43e1d7f_displaylinkui.log",
"ssdeep": null,
"size": 138106,
"sha512": "f004852985ad585b6c6083b083bbfc10cd48389c30fb4fa769c18dd7ab8e416e6276e09cf6ac747032d68234269e05673676c0a6908bad39cc0945bc37171545",
"pids": [
2308
],
"md5": "f71a1180f4e32458ffeec4b2f03df227"
}
]Generic
[
{
"process_path": "C:\\Windows\\System32\\lsass.exe",
"process_name": "lsass.exe",
"pid": 476,
"summary": {},
"first_seen": 1564152785.4375,
"ppid": 376
},
{
"process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\18d1c68de94170aa6a06739a1993c3776785a2690b1f9f347fe67ef45301afd3.bin",
"process_name": "18d1c68de94170aa6a06739a1993c3776785a2690b1f9f347fe67ef45301afd3.bin",
"pid": 2308,
"summary": {
"file_created": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\DisplayLinkUI.log"
],
"dll_loaded": [
"AddOnApi64.dll",
"kernel32",
"SHELL32.dll",
"kernel32.dll",
"wtsapi32.dll",
"dwmapi.dll",
"ole32.dll",
"C:\\Windows\\system32\\uxtheme.dll"
],
"file_failed": [
"C:\\Windows\\Temp\\DisplayLink\\"
],
"regkey_opened": [
"HKEY_CURRENT_USER\\Software",
"HKEY_LOCAL_MACHINE\\Software",
"HKEY_CURRENT_USER\\Software\\DisplayLink",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\DisplayLink"
],
"file_written": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\DisplayLinkUI.log"
],
"file_exists": [
"C:\\Users\\cuck\\AppData\\Local\\Temp\\18d1c68de94170aa6a06739a1993c3776785a2690b1f9f347fe67ef45301afd3.bin"
],
"mutex": [
"Local\\DisplayLinkUI_prevInstanceDetector"
],
"file_opened": [
"C:\\",
"C:\\Windows\\Globalization\\Sorting\\sortdefault.nls",
"C:\\Users\\",
"C:\\Users\\cuck\\",
"C:\\Users\\cuck\\AppData\\Local\\Temp\\",
"C:\\Windows\\System32\\en-US\\KERNELBASE.dll.mui",
"C:\\Users\\cuck\\AppData\\Local\\",
"C:\\Users\\cuck\\AppData\\",
"C:\\DosDevices\\pipe\\"
],
"regkey_read": [
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\StreamResource",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Stream",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\FolderTypeID",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Description",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\ExtendedLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\RelativePath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\ParentFolder",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\PublishExpandedPath",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Nls\\CustomLocale\\en-US",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\Security",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir (x86)",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\Category",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\ParsingName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\StreamResourceType",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\PreCreate",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\InfoTip",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Name",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Attributes",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\\LocalRedirectOnly",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\InitFolderHandler",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\\LocalizedName",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{D65231B0-B2F1-4857-A4CE-A8E7C6EA7D27}\\Icon",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\Roamable",
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FolderDescriptions\\{6D809377-6AF0-444B-8957-A3773F02200E}\\StreamResource"
]
},
"first_seen": 1564152785.6562,
"ppid": 2724
}
]Signatures
[
{
"markcount": 1,
"families": [],
"description": "Checks if process is being debugged by a debugger",
"severity": 1,
"marks": [
{
"call": {
"category": "system",
"status": 0,
"stacktrace": [],
"last_error": 1411,
"nt_status": -1073741772,
"api": "IsDebuggerPresent",
"return_value": 0,
"arguments": {},
"time": 1564152785.9213,
"tid": 2828,
"flags": {}
},
"pid": 2308,
"type": "call",
"cid": 335
}
],
"references": [],
"name": "checks_debugger"
},
{
"markcount": 1,
"families": [],
"description": "This executable has a PDB path",
"severity": 1,
"marks": [
{
"category": "pdb_path",
"ioc": "D:\\jenkins\\workspace\\SW_PROD_branches_R8.6_01-devel\\nivo\\bin\\x64\\DisplayLinkUI.pdb",
"type": "ioc",
"description": null
}
],
"references": [],
"name": "has_pdb"
},
{
"markcount": 1,
"families": [],
"description": "One or more processes crashed",
"severity": 1,
"marks": [
{
"call": {
"category": "__notification__",
"status": 1,
"stacktrace": [],
"raw": [
"stacktrace"
],
"api": "__exception__",
"return_value": 0,
"arguments": {
"stacktrace": "R\na\ni\ns\ne\nE\nx\nc\ne\np\nt\ni\no\nn\n+\n0\nx\n3\nd\n \nF\nr\ne\ne\nE\nn\nv\ni\nr\no\nn\nm\ne\nn\nt\nS\nt\nr\ni\nn\ng\ns\nW\n-\n0\nx\n3\n7\n3\n \nk\ne\nr\nn\ne\nl\nb\na\ns\ne\n+\n0\nx\na\n4\n9\nd\n \n@\n \n0\nx\n7\nf\ne\nf\nd\na\n1\na\n4\n9\nd\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\nd\nf\ne\n3\nd\n \n@\n \n0\nx\n1\n3\nf\n8\n9\nf\ne\n3\nd\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\n9\nf\n3\nc\n7\n \n@\n \n0\nx\n1\n3\nf\n8\n5\nf\n3\nc\n7\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\n2\nd\na\nb\ne\n \n@\n \n0\nx\n1\n3\nf\n7\ne\nd\na\nb\ne\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\n6\n0\na\nd\n \n@\n \n0\nx\n1\n3\nf\n7\nc\n6\n0\na\nd\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\n5\n3\n0\nb\ne\n \n@\n \n0\nx\n1\n3\nf\n8\n1\n3\n0\nb\ne\n\n\n1\n8\nd\n1\nc\n6\n8\nd\ne\n9\n4\n1\n7\n0\na\na\n6\na\n0\n6\n7\n3\n9\na\n1\n9\n9\n3\nc\n3\n7\n7\n6\n7\n8\n5\na\n2\n6\n9\n0\nb\n1\nf\n9\nf\n3\n4\n7\nf\ne\n6\n7\ne\nf\n4\n5\n3\n0\n1\na\nf\nd\n3\n+\n0\nx\n5\n3\n0\n8\nf\n \n@\n \n0\nx\n1\n3\nf\n8\n1\n3\n0\n8\nf\n\n\nB\na\ns\ne\nT\nh\nr\ne\na\nd\nI\nn\ni\nt\nT\nh\nu\nn\nk\n+\n0\nx\nd\n \nC\nr\ne\na\nt\ne\nT\nh\nr\ne\na\nd\n-\n0\nx\n5\n3\n \nk\ne\nr\nn\ne\nl\n3\n2\n+\n0\nx\n1\n6\n5\n2\nd\n \n@\n \n0\nx\n7\n7\n7\na\n6\n5\n2\nd\n\n\nR\nt\nl\nU\ns\ne\nr\nT\nh\nr\ne\na\nd\nS\nt\na\nr\nt\n+\n0\nx\n2\n1\n \ns\nt\nr\nc\nh\nr\n-\n0\nx\n3\nd\nf\n \nn\nt\nd\nl\nl\n+\n0\nx\n2\nc\n5\n2\n1\n \n@\n \n0\nx\n7\n7\n9\nd\nc\n5\n2\n1",
"registers": {
"r14": 0,
"r9": 0,
"rcx": 37284208,
"rsi": 0,
"r10": 3221225781,
"rbx": 0,
"rdi": 0,
"r11": 37285824,
"r8": 0,
"rdx": 368,
"rbp": 0,
"r15": 0,
"r12": 0,
"rsp": 37288032,
"rax": 1979258663,
"r13": 0
},
"exception": {
"instruction_r": "48 81 c4 c8 00 00 00 c3 48 85 f6 74 08 83 3b 00",
"symbol": "RaiseException+0x3d FreeEnvironmentStringsW-0x373 kernelbase+0xa49d",
"instruction": "add rsp, 0xc8",
"module": "KERNELBASE.dll",
"exception_code": "0xc06d007e",
"offset": 42141,
"address": "0x7fefda1a49d"
}
},
"time": 1564152786.2503,
"tid": 2828,
"flags": {}
},
"pid": 2308,
"type": "call",
"cid": 802
}
],
"references": [],
"name": "raises_exception"
},
{
"markcount": 301,
"families": [],
"description": "Foreign language identified in PE resource",
"severity": 2,
"marks": [
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
},
{
"name": "RT_STRING",
"language": "LANG_CHINESE",
"offset": "0x001f9d10",
"filetype": "data",
"sublanguage": "*unknown*",
"type": "generic",
"size": "0x000008c4"
}
],
"references": [],
"name": "origin_langid"
}
]Yara
The Yara rules did not detect anything in the file.
Network
{
"tls": [],
"udp": [
{
"src": "192.168.56.101",
"dst": "192.168.56.255",
"offset": 546,
"time": 3.1955108642578,
"dport": 137,
"sport": 137
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 5326,
"time": 3.0952060222626,
"dport": 5355,
"sport": 51001
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 5654,
"time": 1.0269720554352,
"dport": 5355,
"sport": 53595
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 5982,
"time": 3.1516990661621,
"dport": 5355,
"sport": 53848
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 6310,
"time": 1.6441478729248,
"dport": 5355,
"sport": 54255
},
{
"src": "192.168.56.101",
"dst": "224.0.0.252",
"offset": 6638,
"time": -0.090140104293823,
"dport": 5355,
"sport": 55314
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 6966,
"time": 1.5798199176788,
"dport": 1900,
"sport": 1900
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 17912,
"time": 1.0472228527069,
"dport": 3702,
"sport": 49152
},
{
"src": "192.168.56.101",
"dst": "239.255.255.250",
"offset": 26296,
"time": 3.1546950340271,
"dport": 1900,
"sport": 53598
}
],
"dns_servers": [],
"http": [],
"icmp": [],
"smtp": [],
"tcp": [],
"smtp_ex": [],
"mitm": [],
"hosts": [],
"pcap_sha256": "41de68e4c1eb5b90629764affff05512188a723233d74a4976fba97e160cd601",
"dns": [],
"http_ex": [],
"domains": [],
"dead_hosts": [],
"sorted_pcap_sha256": "424304530fccfb183d7834e129f5f5ea244ba5cd06ea2f137a4dcc4ac93e0249",
"irc": [],
"https_ex": []
}Screenshots
Other files also named DisplayLinkUI.exe
DisplayLinkUI.exe (9 votes)
Hashes [?]
| Property | Value |
|---|---|
| MD5 | c4abe8fea5ba8e4349cd2f58cb8c0252 |
| SHA256 | 18d1c68de94170aa6a06739a1993c3776785a2690b1f9f347fe67ef45301afd3 |
Error Messages
These are some of the error messages that can appear related to displaylinkui.exe:
displaylinkui.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
displaylinkui.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.
DisplayLinkUI Sys-Tray Application has stopped working.
End Program - displaylinkui.exe. This program is not responding.
displaylinkui.exe is not a valid Win32 application.
displaylinkui.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.
What will you do with the file?
To help other users, please let us know what you will do with the file:
Malware or legitimate?
If you feel that you need more information to determine if your should keep this file or remove it, please read this guide.
And now some shameless self promotion ;)
Hi, my name is Roger Karlsson. I've been running this website since 2006. I want to let you know about the FreeFixer program. FreeFixer is a freeware tool that analyzes your system and let you manually identify unwanted programs. Once you've identified some malware files, FreeFixer is pretty good at removing them. You can download FreeFixer here. It runs on Windows 2000/XP/2003/2008/2016/2019/Vista/7/8/8.1/10. Supports both 32- and 64-bit Windows.
If you have questions, feedback on FreeFixer or the freefixer.com website, need help analyzing FreeFixer's scan result or just want to say hello, please contact me. You can find my email address at the contact page.
Comments
Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.
I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.
No comments posted yet.