Filename
|
Hash
|
Operations
|
Category
|
C:\Boot\BCD
|
-
|
Access, Delete
|
|
C:\Boot\BCD.LOG1
|
MD5:
0e110c6b172693ee4c08ba7392341824
SHA1:
131df283402a9ceeb097db4a67d38f7cc25ae648
SHA256:
c8a9e1562df49d431b6099d6e6e446db883fe7084586713b17e95291b77e9bf5
SSDeep:
6:a6ODwinOs4Gm9zBFvzg5T/itH+dxVBGPMp6yb3DZB42jMFO319n:m6s4Gm5OTqCFGPGNbzZi49
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Boot\BCD.LOG1.nemty
|
MD5:
0e110c6b172693ee4c08ba7392341824
SHA1:
131df283402a9ceeb097db4a67d38f7cc25ae648
SHA256:
c8a9e1562df49d431b6099d6e6e446db883fe7084586713b17e95291b77e9bf5
SSDeep:
6:a6ODwinOs4Gm9zBFvzg5T/itH+dxVBGPMp6yb3DZB42jMFO319n:m6s4Gm5OTqCFGPGNbzZi49
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\BCD.LOG2
|
MD5:
7e22c14b1a98b3bb9461bbe49acdb4bf
SHA1:
ead616037e700ba2eb04f1cafbd6cfbb33d072ec
SHA256:
ac7334a1650bccb13797be08bafb01760da3ea0e4f18f4ae3022f615fe90e6e6
SSDeep:
6:eBagGRtwL8Z3zUSQVAo3S11iqjTkEKPmJp/WIYmzUJPyIhJ7zE5G7ud7D9Jih8kE:ecgGLwiAS/vossOJpejOIhZY51d7XiqD
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Boot\BCD.LOG2.nemty
|
MD5:
7e22c14b1a98b3bb9461bbe49acdb4bf
SHA1:
ead616037e700ba2eb04f1cafbd6cfbb33d072ec
SHA256:
ac7334a1650bccb13797be08bafb01760da3ea0e4f18f4ae3022f615fe90e6e6
SSDeep:
6:eBagGRtwL8Z3zUSQVAo3S11iqjTkEKPmJp/WIYmzUJPyIhJ7zE5G7ud7D9Jih8kE:ecgGLwiAS/vossOJpejOIhZY51d7XiqD
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\BCD.nemty
|
-
|
Access, Create
|
|
C:\Boot\BOOTSTAT.DAT
|
MD5:
4eeb47d156eb169616303826e8105472
SHA1:
77d2f895614641a5f2814482ef8f43a2555481b5
SHA256:
96c68838c43021d49784d50e0aa924f940262e1ea1e3476a748fc3623c8fd96d
SSDeep:
24:MS8I3clhMUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU3:TDsjC4QSv2K190
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Boot\BOOTSTAT.DAT.nemty
|
MD5:
4eeb47d156eb169616303826e8105472
SHA1:
77d2f895614641a5f2814482ef8f43a2555481b5
SHA256:
96c68838c43021d49784d50e0aa924f940262e1ea1e3476a748fc3623c8fd96d
SSDeep:
24:MS8I3clhMUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU3:TDsjC4QSv2K190
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\cs-CZ\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\cs-CZ\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\cs-CZ\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\da-DK\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\da-DK\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\da-DK\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\de-DE\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\de-DE\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\de-DE\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\el-GR\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\el-GR\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\el-GR\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\en-US\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\en-US\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\en-US\memtest.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\en-US\memtest.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\es-ES\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\es-ES\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\es-ES\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\fi-FI\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\fi-FI\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\fi-FI\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\Fonts\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\fr-FR\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\fr-FR\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\fr-FR\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\hu-HU\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\hu-HU\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\hu-HU\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\it-IT\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\it-IT\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\it-IT\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\ja-JP\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\ja-JP\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\ja-JP\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\ko-KR\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\ko-KR\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\ko-KR\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\nb-NO\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\nb-NO\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\nb-NO\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\nl-NL\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\nl-NL\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\nl-NL\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\pl-PL\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\pl-PL\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\pl-PL\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\pt-BR\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\pt-BR\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\pt-BR\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\pt-PT\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\pt-PT\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\pt-PT\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\ru-RU\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\ru-RU\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\ru-RU\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\sv-SE\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\sv-SE\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\sv-SE\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\tr-TR\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\tr-TR\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\tr-TR\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\zh-CN\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\zh-CN\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\zh-CN\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\zh-HK\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\zh-HK\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\zh-HK\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Boot\zh-TW\bootmgr.exe.mui
|
-
|
Access, Delete
|
|
C:\Boot\zh-TW\bootmgr.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Boot\zh-TW\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Config.Msi\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Documents and Settings\NEMTY-DECRYPT.txt
|
-
|
Access, Write, Create
|
|
C:\hiberfil.sys
|
-
|
Access, Delete
|
|
C:\hiberfil.sys.nemty
|
-
|
Access, Create
|
|
C:\MSOCache\All Users\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi
|
MD5:
8b1b9bbb512ca7390b0bd8c2c9f615d0
SHA1:
8437c40816c3fe4900049e63ae5e02c8ba3815b3
SHA256:
6a8d0f41f7129b8f7ff284ed61f5ea5d38b0b7e7edca90d9e2e149a75650e34c
SSDeep:
49152:0BKsG5kM4rT8N8w0gFdfQSKFZFH7YzcgAMJ8DdYaxaDjiJTGHbtKX6L:Cfok9T8N8w0CJukcG8xaDjiJTacXI
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi.nemty
|
MD5:
8b1b9bbb512ca7390b0bd8c2c9f615d0
SHA1:
8437c40816c3fe4900049e63ae5e02c8ba3815b3
SHA256:
6a8d0f41f7129b8f7ff284ed61f5ea5d38b0b7e7edca90d9e2e149a75650e34c
SSDeep:
49152:0BKsG5kM4rT8N8w0gFdfQSKFZFH7YzcgAMJ8DdYaxaDjiJTGHbtKX6L:Cfok9T8N8w0CJukcG8xaDjiJTacXI
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml
|
MD5:
a02e966e8aa0960489a6aaaf3a161564
SHA1:
431208b923effd8df290a1209e4b2b59fc7e27fe
SHA256:
696e51ba835f89ba9ad494dfe20723effb732bd8e48641b119a7edbfba593bb8
SSDeep:
24:oAQ0o1c1pNm+Vug905HKicyTTEdTTN8MN8zPayUGC9WzakZWR9is7LCkLsr3Ox8p:oAQELN1VcBKETCNoaxW+19f9LsjW8p
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.nemty
|
MD5:
a02e966e8aa0960489a6aaaf3a161564
SHA1:
431208b923effd8df290a1209e4b2b59fc7e27fe
SHA256:
696e51ba835f89ba9ad494dfe20723effb732bd8e48641b119a7edbfba593bb8
SSDeep:
24:oAQ0o1c1pNm+Vug905HKicyTTEdTTN8MN8zPayUGC9WzakZWR9is7LCkLsr3Ox8p:oAQELN1VcBKETCNoaxW+19f9LsjW8p
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
3f66b6b18c0a3f5c227dbe931e926f64
SHA1:
8a7e685a646888787a51d8ebb41ab3e2e24d34e3
SHA256:
328fa721e6d47d2498b54d00fae576cc19881cfc8fe61fb437b4a9d10d939e81
SSDeep:
48:kRqZN/kEUyupjkcMxlBfeBfOa/pfymxLz8HaFfWEURnOHX6Yf8siwBhxo4Z4:sqZ+EUyuecMxr0VzxLzJFffHqYfLjo4C
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
3f66b6b18c0a3f5c227dbe931e926f64
SHA1:
8a7e685a646888787a51d8ebb41ab3e2e24d34e3
SHA256:
328fa721e6d47d2498b54d00fae576cc19881cfc8fe61fb437b4a9d10d939e81
SSDeep:
48:kRqZN/kEUyupjkcMxlBfeBfOa/pfymxLz8HaFfWEURnOHX6Yf8siwBhxo4Z4:sqZ+EUyuecMxr0VzxLzJFffHqYfLjo4C
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi
|
MD5:
7f05ca2813245b26a17bb0773c8edd95
SHA1:
b2cb36c6eabd7bdac062a39f8fb4748807b63402
SHA256:
844aec3c38a3d332393325d86c266fa634b7ee4d173ba764cb4427432d2115b5
SSDeep:
49152:oIlbTxsDl/y/+6tMl2ZtqZR11iFs8nZpiodUxE5madRrCqIxWIAKvdjWQCQcb:oIRmRGlHZk4B4dAK4
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi.nemty
|
MD5:
7f05ca2813245b26a17bb0773c8edd95
SHA1:
b2cb36c6eabd7bdac062a39f8fb4748807b63402
SHA256:
844aec3c38a3d332393325d86c266fa634b7ee4d173ba764cb4427432d2115b5
SSDeep:
49152:oIlbTxsDl/y/+6tMl2ZtqZR11iFs8nZpiodUxE5madRrCqIxWIAKvdjWQCQcb:oIRmRGlHZk4B4dAK4
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml
|
MD5:
2704873484afc43b5b5023b706d5128b
SHA1:
e1f938be9f04899efc5edaf5807bf5adf7a702e2
SHA256:
7e8dd2fd8a33c1590f357e426389d884bdec5ab42c01a40b8fdcf5c5cdc0b12f
SSDeep:
24:YFbWH2ChPUfef+ATc0arkK7E1vhms6OBawWnt7wsIKpQVB4BhVO/bY+T5WUtuzuG:YFaH2CZBGic0arIlss7gTtUmCFtu2UzT
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml.nemty
|
MD5:
2704873484afc43b5b5023b706d5128b
SHA1:
e1f938be9f04899efc5edaf5807bf5adf7a702e2
SHA256:
7e8dd2fd8a33c1590f357e426389d884bdec5ab42c01a40b8fdcf5c5cdc0b12f
SSDeep:
24:YFbWH2ChPUfef+ATc0arkK7E1vhms6OBawWnt7wsIKpQVB4BhVO/bY+T5WUtuzuG:YFaH2CZBGic0arIlss7gTtUmCFtu2UzT
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
8d3b2bea33756996fd105886dfeefac5
SHA1:
829b83879f98509d4faabd8f2650921f00c42737
SHA256:
193935a58f2bdc296cf95da79fc8ae09342c54d9918c6595dd8798e60228a14f
SSDeep:
48:8kBk5nQXxFPnhXchxNMWHvaNygMOBFWrdq3NjELKkrThXz:qOFv1ESWHvIyADAIEGE
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
8d3b2bea33756996fd105886dfeefac5
SHA1:
829b83879f98509d4faabd8f2650921f00c42737
SHA256:
193935a58f2bdc296cf95da79fc8ae09342c54d9918c6595dd8798e60228a14f
SSDeep:
48:8kBk5nQXxFPnhXchxNMWHvaNygMOBFWrdq3NjELKkrThXz:qOFv1ESWHvIyADAIEGE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi
|
MD5:
9e9bed9582566d9ef5916f8654e80df7
SHA1:
916eda5afeeaeefbcd863cda0c0c0fd79d6c9c2d
SHA256:
404b21f6ed3ae8d6885cc9cf9a500b76e857cd2eb52f5e94dff06cf45989ca4e
SSDeep:
49152:RWpPkoMAhF0AzbLzQWul2mEzYr64r5ntXi3vH15AsTmVonX:O8RAhyizQWnmEzpGzwf1jTm2
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi.nemty
|
MD5:
9e9bed9582566d9ef5916f8654e80df7
SHA1:
916eda5afeeaeefbcd863cda0c0c0fd79d6c9c2d
SHA256:
404b21f6ed3ae8d6885cc9cf9a500b76e857cd2eb52f5e94dff06cf45989ca4e
SSDeep:
49152:RWpPkoMAhF0AzbLzQWul2mEzYr64r5ntXi3vH15AsTmVonX:O8RAhyizQWnmEzpGzwf1jTm2
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml
|
MD5:
98bf45fe5c9c1c694b47ec667b91cf28
SHA1:
b83b2d4c541e3292a2a024f0cd18dc1f0d4435f9
SHA256:
32b845627b0bcfcb52faf28e046100bfb789ae1d32a13c2fdfa847b5ba9999ee
SSDeep:
48:QDqBhg2smGln+wtHsmpvBTNiiMEGCUN9svJmdJ8Dbn:QDqBYtk7QpZZGw8dmH
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml.nemty
|
MD5:
98bf45fe5c9c1c694b47ec667b91cf28
SHA1:
b83b2d4c541e3292a2a024f0cd18dc1f0d4435f9
SHA256:
32b845627b0bcfcb52faf28e046100bfb789ae1d32a13c2fdfa847b5ba9999ee
SSDeep:
48:QDqBhg2smGln+wtHsmpvBTNiiMEGCUN9svJmdJ8Dbn:QDqBYtk7QpZZGw8dmH
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
d251d56f1059b66b155aace25ca87b74
SHA1:
65d3fde47407a3473f2aa15b0d06e6782872a382
SHA256:
d4fcd8a62fe8edfee1c6d80a46b854f626fc67c7e95356d12c16e41e5f55cb2a
SSDeep:
48:jmny+Jecq+rq3qqnlRA7+uhdoEkN2AQTCjOqxo0vTEKgtB0Ou:jmVACrq6H+urNzA5l
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
d251d56f1059b66b155aace25ca87b74
SHA1:
65d3fde47407a3473f2aa15b0d06e6782872a382
SHA256:
d4fcd8a62fe8edfee1c6d80a46b854f626fc67c7e95356d12c16e41e5f55cb2a
SSDeep:
48:jmny+Jecq+rq3qqnlRA7+uhdoEkN2AQTCjOqxo0vTEKgtB0Ou:jmVACrq6H+urNzA5l
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi
|
MD5:
d392b02345b84120f56dca2e9546fd08
SHA1:
36e78d4ea93b837ef9fe1472f30d7c92133e873f
SHA256:
6ff424e998a9a3853bbb288d78e169e51af3352dc28c3059557b7f250ab40509
SSDeep:
49152:ddcb8cYspItpCQDQg9kkv4ckpfCjp+Q0G7M3i:rA8pspItpFDQ0jhk8j09G7M3i
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi.nemty
|
MD5:
d392b02345b84120f56dca2e9546fd08
SHA1:
36e78d4ea93b837ef9fe1472f30d7c92133e873f
SHA256:
6ff424e998a9a3853bbb288d78e169e51af3352dc28c3059557b7f250ab40509
SSDeep:
49152:ddcb8cYspItpCQDQg9kkv4ckpfCjp+Q0G7M3i:rA8pspItpFDQ0jhk8j09G7M3i
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml
|
MD5:
852e92082b522032976732f93f2c021b
SHA1:
4b1da47e486f02f89c27f46eda94b8fa6feff71e
SHA256:
87cb2e731e7f854577f582a0f27f9ba26b5cbb4ccd55e1578f131effd1860af5
SSDeep:
96:c2c3wDUgH/V/T/5bdmVaXZE145kMx9l7Q4DYhXJkJ+0+3CzO:czKUgfBN8VEZuEkMenXJkk73z
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml.nemty
|
MD5:
852e92082b522032976732f93f2c021b
SHA1:
4b1da47e486f02f89c27f46eda94b8fa6feff71e
SHA256:
87cb2e731e7f854577f582a0f27f9ba26b5cbb4ccd55e1578f131effd1860af5
SSDeep:
96:c2c3wDUgH/V/T/5bdmVaXZE145kMx9l7Q4DYhXJkJ+0+3CzO:czKUgfBN8VEZuEkMenXJkk73z
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
68d56ecc0f05eaff77ecac3e171ec711
SHA1:
e0b2950a6c8139f1bbecd49f2f065e069e4364ad
SHA256:
3d78e7fa08d85863633a2d5c796d23bb8ff2e31f433b9c54a43b973249779ff8
SSDeep:
96:1C/uyit8eiNQ4mYaPewe05ZV7xWuisFWJHftgHA/AawidGLjtuGSBWd:HD+NQ41saAZpxt7C1YvtsWd
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
68d56ecc0f05eaff77ecac3e171ec711
SHA1:
e0b2950a6c8139f1bbecd49f2f065e069e4364ad
SHA256:
3d78e7fa08d85863633a2d5c796d23bb8ff2e31f433b9c54a43b973249779ff8
SSDeep:
96:1C/uyit8eiNQ4mYaPewe05ZV7xWuisFWJHftgHA/AawidGLjtuGSBWd:HD+NQ41saAZpxt7C1YvtsWd
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
57496f999bf915d7503fe441c5d99710
SHA1:
e873ae1816c8f4ff2597a412eff0c7d4ba2598c7
SHA256:
4d2b6e06aaa7a4c09bd09102d103260fcf326d0c67965968c900e35dcbd52fd6
SSDeep:
48:TsRm1OvByMMZx6Q1sOfVCJ/TuJc9lkeSuY5X2WCWpyuQKdJXaXWO6FDGOXnVS:4RM/6QjkJ/IcPkt/X2WCnYdJXaoHVS
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
57496f999bf915d7503fe441c5d99710
SHA1:
e873ae1816c8f4ff2597a412eff0c7d4ba2598c7
SHA256:
4d2b6e06aaa7a4c09bd09102d103260fcf326d0c67965968c900e35dcbd52fd6
SSDeep:
48:TsRm1OvByMMZx6Q1sOfVCJ/TuJc9lkeSuY5X2WCWpyuQKdJXaXWO6FDGOXnVS:4RM/6QjkJ/IcPkt/X2WCnYdJXaoHVS
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi
|
MD5:
66bdbe8d3bea6c5d6d6d95e244a38ad9
SHA1:
6745244e880a300d2f1798d431447847970f991f
SHA256:
167c661660b136fc8c36eb4347f790b88f5c0ed564456f8f19fba0bda45bce3c
SSDeep:
49152:EkKCfafLcYC77+nSP0hcbkRk3PNyx7qEuNYtEqfh:EkKRDuv0UHPNI+0aM
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi.nemty
|
MD5:
66bdbe8d3bea6c5d6d6d95e244a38ad9
SHA1:
6745244e880a300d2f1798d431447847970f991f
SHA256:
167c661660b136fc8c36eb4347f790b88f5c0ed564456f8f19fba0bda45bce3c
SSDeep:
49152:EkKCfafLcYC77+nSP0hcbkRk3PNyx7qEuNYtEqfh:EkKRDuv0UHPNI+0aM
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml
|
MD5:
b28a36cc7e5eaca42390fdbe546bad5b
SHA1:
178e4610dcc3efde92b4c66548dd66b64bd0c4e5
SHA256:
2fd2e1ae17dffbdefef4df78ff60b359d7d08258e97f87a84526bafd273dc74d
SSDeep:
48:GfafMGNki6CytlafNZSqnEGrBq30rUEqFJjl5gl2H3+2dx:iafMzxtlafPnxUUUEqFJMARz
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml.nemty
|
MD5:
b28a36cc7e5eaca42390fdbe546bad5b
SHA1:
178e4610dcc3efde92b4c66548dd66b64bd0c4e5
SHA256:
2fd2e1ae17dffbdefef4df78ff60b359d7d08258e97f87a84526bafd273dc74d
SSDeep:
48:GfafMGNki6CytlafNZSqnEGrBq30rUEqFJjl5gl2H3+2dx:iafMzxtlafPnxUUUEqFJMARz
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi
|
MD5:
957787ce1135e567a039783c4ed78a11
SHA1:
dae117a298d8192bcd4660a9fa7ea76559ea4804
SHA256:
396bb38cb141ae262843a34b3475b816e57c43876bdedea80dc0ad348e035caf
SSDeep:
12288:lPOVbzgbBB8P1uHfxfEBA7sz2XWpzrTcJbXGqnjoHWn7wTHOrEDc9e+vOTwnEOxX:Sb8Bm8JszbpTcdGqs1TbcIaJnbxXGbah
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi.nemty
|
MD5:
957787ce1135e567a039783c4ed78a11
SHA1:
dae117a298d8192bcd4660a9fa7ea76559ea4804
SHA256:
396bb38cb141ae262843a34b3475b816e57c43876bdedea80dc0ad348e035caf
SSDeep:
12288:lPOVbzgbBB8P1uHfxfEBA7sz2XWpzrTcJbXGqnjoHWn7wTHOrEDc9e+vOTwnEOxX:Sb8Bm8JszbpTcdGqs1TbcIaJnbxXGbah
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml
|
MD5:
363c3b758ddebc170baa0e9610ade35c
SHA1:
f4b8b3cb8ea9e2977fa6f4f9ec4bf5e02b87c05b
SHA256:
9d1a5e7ee87060251e413634b043eb73d63203ee451ff5a497b78daaced1b9d0
SSDeep:
24:cT02UzWIcJLquNnCZYVK1lGx0IR4RXWDx4Dals8HsfNpvWzI236UAuWmJDAl9:ctUyPJLllCIRiGDC4MfLvW/36UNu
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml.nemty
|
MD5:
363c3b758ddebc170baa0e9610ade35c
SHA1:
f4b8b3cb8ea9e2977fa6f4f9ec4bf5e02b87c05b
SHA256:
9d1a5e7ee87060251e413634b043eb73d63203ee451ff5a497b78daaced1b9d0
SSDeep:
24:cT02UzWIcJLquNnCZYVK1lGx0IR4RXWDx4Dals8HsfNpvWzI236UAuWmJDAl9:ctUyPJLllCIRiGDC4MfLvW/36UNu
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.msi
|
MD5:
dabfbb31e3b568506846a5bf0c5845cb
SHA1:
2548f9253ad34bdfd7ae669eaf62751e0d548cff
SHA256:
c0a8f7d4a1393bbcf8c8ae3b0e0d52044ea387713603703503c9399a91ac87b4
SSDeep:
12288:ByV9fYcsZ9yQ8G9nfA6+DeSxafxyd8272C0TFY+hjCQLppZrDgAd3Waeawz/:w9fYQU4qq4TFY+hWmppZzd3HU
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.msi.nemty
|
MD5:
dabfbb31e3b568506846a5bf0c5845cb
SHA1:
2548f9253ad34bdfd7ae669eaf62751e0d548cff
SHA256:
c0a8f7d4a1393bbcf8c8ae3b0e0d52044ea387713603703503c9399a91ac87b4
SSDeep:
12288:ByV9fYcsZ9yQ8G9nfA6+DeSxafxyd8272C0TFY+hjCQLppZrDgAd3Waeawz/:w9fYQU4qq4TFY+hWmppZzd3HU
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml
|
MD5:
ff85a2b3ee5bc87daa70af6370a4aa14
SHA1:
3b0e9615456925b254b74ffea3be16489aa3e729
SHA256:
0197c5800c3ed89b3e127d5b6b48daf63e4450446e2f2caa97c3745f5b4ce5bb
SSDeep:
48:lJVD84y78xjB/eZV1eMFc3KG+1Flybb2PUWxDX3vwvUV:lD84bxJsV4MmKGKFlyf2PJLYUV
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml.nemty
|
MD5:
ff85a2b3ee5bc87daa70af6370a4aa14
SHA1:
3b0e9615456925b254b74ffea3be16489aa3e729
SHA256:
0197c5800c3ed89b3e127d5b6b48daf63e4450446e2f2caa97c3745f5b4ce5bb
SSDeep:
48:lJVD84y78xjB/eZV1eMFc3KG+1Flybb2PUWxDX3vwvUV:lD84bxJsV4MmKGKFlyf2PJLYUV
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.msi
|
MD5:
a23a2a60fedc9999c35c136fc74ace54
SHA1:
2671051b435289e36123ac96ad5a7f3b00a4b2e7
SHA256:
347a97555cbc90c728c8ad35ba0f38e0d69484e8fc0c72d9bba624d6d9b5a362
SSDeep:
12288:dIZvSr7odf5B6KNWJp5FkjZhgifp0x6xJGZteixIj5HGLub52h0yTi:fodfHNWJ+jZhgifp0uJGZHIj8Ly5H
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.msi.nemty
|
MD5:
a23a2a60fedc9999c35c136fc74ace54
SHA1:
2671051b435289e36123ac96ad5a7f3b00a4b2e7
SHA256:
347a97555cbc90c728c8ad35ba0f38e0d69484e8fc0c72d9bba624d6d9b5a362
SSDeep:
12288:dIZvSr7odf5B6KNWJp5FkjZhgifp0x6xJGZteixIj5HGLub52h0yTi:fodfHNWJ+jZhgifp0uJGZHIj8Ly5H
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml
|
MD5:
221864c79c90bb4186725dce9f100de5
SHA1:
c3db2016ec3b9adc484406235ec729863f57f319
SHA256:
afd56dc13e0e12da241225b784510fa383ddaa22893399fbe3f51d7c9865050e
SSDeep:
24:tPIMf29NR68MEaZFiQB48DTkbolSmEk4iG8AfedG93tUcagHs64J8d/YwwjzoFTN:tP0cQjgvlSmdx4PdUlgHn5YwtKwBTii
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml.nemty
|
MD5:
221864c79c90bb4186725dce9f100de5
SHA1:
c3db2016ec3b9adc484406235ec729863f57f319
SHA256:
afd56dc13e0e12da241225b784510fa383ddaa22893399fbe3f51d7c9865050e
SSDeep:
24:tPIMf29NR68MEaZFiQB48DTkbolSmEk4iG8AfedG93tUcagHs64J8d/YwwjzoFTN:tP0cQjgvlSmdx4PdUlgHn5YwtKwBTii
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.msi
|
MD5:
acafbbf5d6a34a1ae1cabbb0c6f404a5
SHA1:
2623c1c46a5d0d7d1519884849a9c992158e8a3a
SHA256:
e6d6006afa8e0f9d3af105e779c94c3ef24c76325a96405b61237584477a715c
SSDeep:
24576:b/4ciYuLIq3RXfrhKcQ7wmfwR48zvvahd+/YvL/a:bgPv9BhKcQsygrzwQ/q/a
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.msi.nemty
|
MD5:
acafbbf5d6a34a1ae1cabbb0c6f404a5
SHA1:
2623c1c46a5d0d7d1519884849a9c992158e8a3a
SHA256:
e6d6006afa8e0f9d3af105e779c94c3ef24c76325a96405b61237584477a715c
SSDeep:
24576:b/4ciYuLIq3RXfrhKcQ7wmfwR48zvvahd+/YvL/a:bgPv9BhKcQsygrzwQ/q/a
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml
|
MD5:
eabe3478599568e4003d6e00eb2fbe98
SHA1:
a544aae7b764070f97ac9aad6543ecef084d3f40
SHA256:
0ad56acd3a321a06acdd800d3cd3ea89c543fbd577458cc59b8add7027a862f7
SSDeep:
24:7xMxb/ro3ap5b0HJ+W1gBka/c7QT84CaRp1E1VUbV8dU+zva8D9:7WdM3Kb051kkaoz1MrEmrd8Z
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml.nemty
|
MD5:
eabe3478599568e4003d6e00eb2fbe98
SHA1:
a544aae7b764070f97ac9aad6543ecef084d3f40
SHA256:
0ad56acd3a321a06acdd800d3cd3ea89c543fbd577458cc59b8add7027a862f7
SSDeep:
24:7xMxb/ro3ap5b0HJ+W1gBka/c7QT84CaRp1E1VUbV8dU+zva8D9:7WdM3Kb051kkaoz1MrEmrd8Z
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
fe0e27208e874a98b24d2d33134b8e47
SHA1:
ddaef782817e376a05cdfb6d01e844647b48b438
SHA256:
9ea696b045b338935363e38bef7252a6f17c762da72cb48e8ad7c406d0b9ed33
SSDeep:
96:dIw43+79kdjruA5gw61kSt8RXzEI2HGRg8RK1X4kQOxPPYehV5x792:dB792jngwiXmd1tRi1zQOJYeRRo
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
fe0e27208e874a98b24d2d33134b8e47
SHA1:
ddaef782817e376a05cdfb6d01e844647b48b438
SHA256:
9ea696b045b338935363e38bef7252a6f17c762da72cb48e8ad7c406d0b9ed33
SSDeep:
96:dIw43+79kdjruA5gw61kSt8RXzEI2HGRg8RK1X4kQOxPPYehV5x792:dB792jngwiXmd1tRi1zQOJYeRRo
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.msi
|
MD5:
1c6be6b2c9c7135c7fe6dd574e7370a0
SHA1:
b144486811cfd749c4d448186d6c9b1f1f6a4f3f
SHA256:
ade4f21b8fe8c94726a514c0bde07db7168a1c6596f8aa7244ed9bf0c9f275b0
SSDeep:
24576:SjZ+I5o7HOPyFJBlAlHL1ga8iHtBbxWAj/O:SjEayoYMtWA/O
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.msi.nemty
|
MD5:
1c6be6b2c9c7135c7fe6dd574e7370a0
SHA1:
b144486811cfd749c4d448186d6c9b1f1f6a4f3f
SHA256:
ade4f21b8fe8c94726a514c0bde07db7168a1c6596f8aa7244ed9bf0c9f275b0
SSDeep:
24576:SjZ+I5o7HOPyFJBlAlHL1ga8iHtBbxWAj/O:SjEayoYMtWA/O
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml
|
MD5:
2d533dab398897f251078a6778fb9465
SHA1:
096d2bd8ae17bf2a951a22e6ba361043d7229d4f
SHA256:
b8be01ac7c3544771543007fb09d2f2b987ce40c1b666cefab2a4e7f73577f1f
SSDeep:
48:cDaOGR1Ggz8j9zxD6NCeez3bFJ77ZY6IpO:oaOyG9xD6NCeIFR7ZdIpO
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml.nemty
|
MD5:
2d533dab398897f251078a6778fb9465
SHA1:
096d2bd8ae17bf2a951a22e6ba361043d7229d4f
SHA256:
b8be01ac7c3544771543007fb09d2f2b987ce40c1b666cefab2a4e7f73577f1f
SSDeep:
48:cDaOGR1Ggz8j9zxD6NCeez3bFJ77ZY6IpO:oaOyG9xD6NCeIFR7ZdIpO
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
9d40052b6a4fa660f507b7e487df2606
SHA1:
e9a27ed149929110c14b5c3f316536e382f45eb2
SHA256:
04540dea3f963e895daa33c2209ed39d5614e1f0b4bbde19d8f47e90106b5edf
SSDeep:
48:TnAblWCKoANftonn6TBlVjng4X79phPlsAE71QoEWf/DIW2EZVDQd151NXPZQyh:xCKoAVOulVjnn9PlXWQoEWfrOgVDQd1n
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
9d40052b6a4fa660f507b7e487df2606
SHA1:
e9a27ed149929110c14b5c3f316536e382f45eb2
SHA256:
04540dea3f963e895daa33c2209ed39d5614e1f0b4bbde19d8f47e90106b5edf
SSDeep:
48:TnAblWCKoANftonn6TBlVjng4X79phPlsAE71QoEWf/DIW2EZVDQd151NXPZQyh:xCKoAVOulVjnn9PlXWQoEWfrOgVDQd1n
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.msi
|
MD5:
8f3da01093bce40a7cd15d0c63ac753a
SHA1:
89478f7930c811d77bda26d606a9348a6badeaa6
SHA256:
438550e6f5ddfbcef9f06d3b7bf79e47d21b09aae798cdfcab2b4d16255131b5
SSDeep:
49152:I8mOwngbXmxfBX5s4i4Dji8fMd6P0dn3HAYmW2WhAMsmz+A:I8rwngjS5Bi5VdXAW3xsm9
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.msi.nemty
|
MD5:
8f3da01093bce40a7cd15d0c63ac753a
SHA1:
89478f7930c811d77bda26d606a9348a6badeaa6
SHA256:
438550e6f5ddfbcef9f06d3b7bf79e47d21b09aae798cdfcab2b4d16255131b5
SSDeep:
49152:I8mOwngbXmxfBX5s4i4Dji8fMd6P0dn3HAYmW2WhAMsmz+A:I8rwngjS5Bi5VdXAW3xsm9
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml
|
MD5:
0bd591ddeb15609107f39f1acab4e615
SHA1:
ded8868525e234c7b4ee6e7bb057e4fa2ad95cac
SHA256:
af97ec54927464a15c90fde51a011ea13e7e28d13ba18c51dda0ebeb5821b6cb
SSDeep:
24:Sp0OjYvLBz9nSSjKXX42S+LxL6CC73pR1ShUOM85ezNWbCrrLbIU2t0Pjo/1gNTj:CKL1ADXIS+CO1Sh68cWWjEH0boNgX
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml.nemty
|
MD5:
0bd591ddeb15609107f39f1acab4e615
SHA1:
ded8868525e234c7b4ee6e7bb057e4fa2ad95cac
SHA256:
af97ec54927464a15c90fde51a011ea13e7e28d13ba18c51dda0ebeb5821b6cb
SSDeep:
24:Sp0OjYvLBz9nSSjKXX42S+LxL6CC73pR1ShUOM85ezNWbCrrLbIU2t0Pjo/1gNTj:CKL1ADXIS+CO1Sh68cWWjEH0boNgX
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
16dca65b3dd493ae8bf206425fe81eb5
SHA1:
6c6b10af2f2f244eba6299da4d75e1967b076575
SHA256:
1ead3ba2a655fbeb534485be9c5b10d2188071ac1b942a5bb847ec3dec8bf784
SSDeep:
48:mXnckwo/cPfnY25XBrMYPGxXecl229yqPLsqGXQH67cebsSRbHfhY1tjLb09vrNh:FI6+xX5U2waLsVsReb7bHf+XnQj
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
16dca65b3dd493ae8bf206425fe81eb5
SHA1:
6c6b10af2f2f244eba6299da4d75e1967b076575
SHA256:
1ead3ba2a655fbeb534485be9c5b10d2188071ac1b942a5bb847ec3dec8bf784
SSDeep:
48:mXnckwo/cPfnY25XBrMYPGxXecl229yqPLsqGXQH67cebsSRbHfhY1tjLb09vrNh:FI6+xX5U2waLsVsReb7bHf+XnQj
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
4028939a701d754ac6fef30f2effa5a0
SHA1:
1ee22dd568c1b2f7e27848a8ab617889ff4c9460
SHA256:
417f64283303908d76be9d7c23742c9373efc6a38a0ecc17609854184e84bb23
SSDeep:
192:GmxZQF06U0QK51mfETVmYRuIzlO6dG4g4vF:GmxZQT3zRck22F
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
4028939a701d754ac6fef30f2effa5a0
SHA1:
1ee22dd568c1b2f7e27848a8ab617889ff4c9460
SHA256:
417f64283303908d76be9d7c23742c9373efc6a38a0ecc17609854184e84bb23
SSDeep:
192:GmxZQF06U0QK51mfETVmYRuIzlO6dG4g4vF:GmxZQT3zRck22F
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.msi
|
MD5:
6c8560791b9ab9b95f01b4e79105f9a9
SHA1:
0661fe1d254efb0d8e547d86ac25088026cf58e4
SHA256:
5fd4ced79f76ba274417dd9eb396dc7ad0d969c62fd72f1bf4694ee2d12c2dc6
SSDeep:
49152:y3m2Ssh16JGBjiqfYSRFvfPRfiqJe39zGainmHfCnVwpKgdXb:CSsz6JGjJvxg39zUmHf0zer
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.msi.nemty
|
MD5:
6c8560791b9ab9b95f01b4e79105f9a9
SHA1:
0661fe1d254efb0d8e547d86ac25088026cf58e4
SHA256:
5fd4ced79f76ba274417dd9eb396dc7ad0d969c62fd72f1bf4694ee2d12c2dc6
SSDeep:
49152:y3m2Ssh16JGBjiqfYSRFvfPRfiqJe39zGainmHfCnVwpKgdXb:CSsz6JGjJvxg39zUmHf0zer
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml
|
MD5:
443198ac282d6f2c120e839ffc58eac6
SHA1:
341ec4df3e7677ff40679da35759bbac8f72c8ed
SHA256:
fc7cc2acb8ab2766f81b615b300a54e54fa71bce04dc69443be07c9acacf1e60
SSDeep:
192:tBFsew6hRv8dAruO2kYpjgDicV2dfWhm2SlByQOTDYftX1t1338cUQSuGK/5xWC4:VsHsRibi2duhoOTEtX1t18ruGKxA2D9g
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml.nemty
|
MD5:
443198ac282d6f2c120e839ffc58eac6
SHA1:
341ec4df3e7677ff40679da35759bbac8f72c8ed
SHA256:
fc7cc2acb8ab2766f81b615b300a54e54fa71bce04dc69443be07c9acacf1e60
SSDeep:
192:tBFsew6hRv8dAruO2kYpjgDicV2dfWhm2SlByQOTDYftX1t1338cUQSuGK/5xWC4:VsHsRibi2duhoOTEtX1t18ruGKxA2D9g
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.msi
|
MD5:
7ebb2fbe4eff1f9fb70d9bab4e741593
SHA1:
e0979602a4d212af6206bca172b577992c960fca
SHA256:
f18631b9a470c6737b4e8cf0906bb243feaabf3b6de49a0de28946532198e7fc
SSDeep:
49152:d8khAXjx0PWfj2gEARpGVSieGuVZeXVYfBDRf9Xlp2SW22aQMCV:d8kez+4LEcpGgieGuZeXuBFf9XZ1zCV
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.msi.nemty
|
MD5:
7ebb2fbe4eff1f9fb70d9bab4e741593
SHA1:
e0979602a4d212af6206bca172b577992c960fca
SHA256:
f18631b9a470c6737b4e8cf0906bb243feaabf3b6de49a0de28946532198e7fc
SSDeep:
49152:d8khAXjx0PWfj2gEARpGVSieGuVZeXVYfBDRf9Xlp2SW22aQMCV:d8kez+4LEcpGgieGuZeXuBFf9XZ1zCV
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml
|
MD5:
34624da23c3bf7d4aef4a5e295217aa7
SHA1:
8d858e7ead4312f3b5a58c421f6de041ce93130d
SHA256:
9f7277d71bb311873e4f7a68f3e0828d00e8574eb6e0cedff069f5285a3c4a9a
SSDeep:
48:UOD8p1raVkj0BFegoKoar7Y04+hc8O5ab3I+vMFD4sEpzRFE:UOAnmVkj0BFzUar0qhcxAb31MZ4FE
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml.nemty
|
MD5:
34624da23c3bf7d4aef4a5e295217aa7
SHA1:
8d858e7ead4312f3b5a58c421f6de041ce93130d
SHA256:
9f7277d71bb311873e4f7a68f3e0828d00e8574eb6e0cedff069f5285a3c4a9a
SSDeep:
48:UOD8p1raVkj0BFegoKoar7Y04+hc8O5ab3I+vMFD4sEpzRFE:UOAnmVkj0BFzUar0qhcxAb31MZ4FE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
c1b66b943512fd063193e3473bc07ca8
SHA1:
9713cbbdb027944aee7ee352248f6b630250f24d
SHA256:
eb8e85709213fc0f4bde71c4fb5d4465c6af99d0e8e850bbbd64f0b4e05173a1
SSDeep:
48:jh/NX5cgNj4tW3U4U1w9nW0UWrCyMRQROgsuINsuwbff5:N1Xnj4tWE4Uu9nWmTMRQtINsDd
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
c1b66b943512fd063193e3473bc07ca8
SHA1:
9713cbbdb027944aee7ee352248f6b630250f24d
SHA256:
eb8e85709213fc0f4bde71c4fb5d4465c6af99d0e8e850bbbd64f0b4e05173a1
SSDeep:
48:jh/NX5cgNj4tW3U4U1w9nW0UWrCyMRQROgsuINsuwbff5:N1Xnj4tWE4Uu9nWmTMRQtINsDd
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.msi
|
MD5:
36b6483fd45480f9db04df5b8b5782d7
SHA1:
1da94a95b20e4926f1ce678abaebf8929c71cf80
SHA256:
8e42a8149fb11fda42af9f04977417abf9114b269c7dec280277f021c7ad36ab
SSDeep:
49152:u/geyZ3ih5ZtfPnhv96EbAkOQA8EyvRyZS1ZYteNuh6dKxo:uBUSbfG6AnLm5ys1ZYt9a
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.msi.nemty
|
MD5:
36b6483fd45480f9db04df5b8b5782d7
SHA1:
1da94a95b20e4926f1ce678abaebf8929c71cf80
SHA256:
8e42a8149fb11fda42af9f04977417abf9114b269c7dec280277f021c7ad36ab
SSDeep:
49152:u/geyZ3ih5ZtfPnhv96EbAkOQA8EyvRyZS1ZYteNuh6dKxo:uBUSbfG6AnLm5ys1ZYt9a
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml
|
MD5:
a07d2c0a96545989fd2fec8db63c0204
SHA1:
45cb05c25ff21c75c6b53855ec3a98d20049c394
SHA256:
1af0f5c4bb858ca3223bb185ebbdd11053218d86a0703dec65e5a4148c2854dc
SSDeep:
48:PJjiYl8PXCCTnczMwe9gyzXkXr8eVwNgg9a4NK6zpHyAH:PtiYqfjzwwjMweygb6NS0
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml.nemty
|
MD5:
a07d2c0a96545989fd2fec8db63c0204
SHA1:
45cb05c25ff21c75c6b53855ec3a98d20049c394
SHA256:
1af0f5c4bb858ca3223bb185ebbdd11053218d86a0703dec65e5a4148c2854dc
SSDeep:
48:PJjiYl8PXCCTnczMwe9gyzXkXr8eVwNgg9a4NK6zpHyAH:PtiYqfjzwwjMweygb6NS0
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
f6645fc0a006030ee5b974485ed94de6
SHA1:
65b197d4874f50a450ca13a56b4c3f9e227e358b
SHA256:
b3f7b49b33b8367febf66a96b923bb309866b62fbd5a52f3325c8561a8191d43
SSDeep:
48:SgVXF0z3LnR4X+TGhdE7zBgnpku7M+ZOBIfQEQoxXth8A2mWB:SgVXcRWWadTpVvZtXhrha
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
f6645fc0a006030ee5b974485ed94de6
SHA1:
65b197d4874f50a450ca13a56b4c3f9e227e358b
SHA256:
b3f7b49b33b8367febf66a96b923bb309866b62fbd5a52f3325c8561a8191d43
SSDeep:
48:SgVXF0z3LnR4X+TGhdE7zBgnpku7M+ZOBIfQEQoxXth8A2mWB:SgVXcRWWadTpVvZtXhrha
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.msi
|
MD5:
b0cba380aad1067c1bcc45531bff13ab
SHA1:
a7b2e43a084a2ba0aa8956a426930aa6284a407b
SHA256:
857dbda86f5760c97823d5e4993507da1435afd3db04ffadc37b952a07697d3e
SSDeep:
49152:HCon2k575sGjOfHeUhvvycEJx+oCb1V4QGjg6+cW7UKa//NEnc6Hdyp:Hck575vjOphyc6xub1Van+jAKGWnc6W
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.msi.nemty
|
MD5:
b0cba380aad1067c1bcc45531bff13ab
SHA1:
a7b2e43a084a2ba0aa8956a426930aa6284a407b
SHA256:
857dbda86f5760c97823d5e4993507da1435afd3db04ffadc37b952a07697d3e
SSDeep:
49152:HCon2k575sGjOfHeUhvvycEJx+oCb1V4QGjg6+cW7UKa//NEnc6Hdyp:Hck575vjOphyc6xub1Van+jAKGWnc6W
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml
|
MD5:
dc8f936a39ed827cd4a1a90d3e580b46
SHA1:
31ca6c46de476b30704c2334dd98bcd8e67a8c4e
SHA256:
db6b700834b81e8643186d51d4281492dd56fc0ada4c6813a9eb05a8702dba8c
SSDeep:
24:QnPobqSD+RlRswKSkusNb11b0ZFw48hu4EBp0HlehZXy/0xNCuzHTqU3NcW3mjfV:QnQqSgnnCb11b03chu4EB+Hleh7vlNnK
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml.nemty
|
MD5:
dc8f936a39ed827cd4a1a90d3e580b46
SHA1:
31ca6c46de476b30704c2334dd98bcd8e67a8c4e
SHA256:
db6b700834b81e8643186d51d4281492dd56fc0ada4c6813a9eb05a8702dba8c
SSDeep:
24:QnPobqSD+RlRswKSkusNb11b0ZFw48hu4EBp0HlehZXy/0xNCuzHTqU3NcW3mjfV:QnQqSgnnCb11b03chu4EB+Hleh7vlNnK
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
6484d376b12037a14de118a3a47add44
SHA1:
830b7ca4ad8b9254d0445911003a016e2e7c238f
SHA256:
562152a8ec62bfb70982975ed569bcab8fb3cb18927373d8b1641d5e080788e4
SSDeep:
48:8iXZwoAS9k904YASjXdVNy/s+txh0Xgq4zrxz:DlxTNqE+txkgqQlz
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
6484d376b12037a14de118a3a47add44
SHA1:
830b7ca4ad8b9254d0445911003a016e2e7c238f
SHA256:
562152a8ec62bfb70982975ed569bcab8fb3cb18927373d8b1641d5e080788e4
SSDeep:
48:8iXZwoAS9k904YASjXdVNy/s+txh0Xgq4zrxz:DlxTNqE+txkgqQlz
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\1033\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml
|
MD5:
43cbfeebcf94fc3013afd52b6b9b7e93
SHA1:
2f1fedb8aa62e74558153a5ea86ae212c7289dd0
SHA256:
a029ffc596b4aec248417c8afe182cc32d20f8ee8aa4ed16ce8539e4d9c0b044
SSDeep:
12288:hPRYtMu9Ec1UkqUzXAMFuoXzKDb8TKo6yaCNGNdFN7Hrzh62b0ZU8+/21QmS9qxP:FGMu9Ec1dqUzXAMFuoXzKf8TKo6yaddq
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml.nemty
|
MD5:
43cbfeebcf94fc3013afd52b6b9b7e93
SHA1:
2f1fedb8aa62e74558153a5ea86ae212c7289dd0
SHA256:
a029ffc596b4aec248417c8afe182cc32d20f8ee8aa4ed16ce8539e4d9c0b044
SSDeep:
12288:hPRYtMu9Ec1UkqUzXAMFuoXzKDb8TKo6yaCNGNdFN7Hrzh62b0ZU8+/21QmS9qxP:FGMu9Ec1dqUzXAMFuoXzKf8TKo6yaddq
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.msi
|
MD5:
3581161489f9e1423f7595cae1e6f7a4
SHA1:
8852811c56e71e8e09e93004be6230f6a20193b2
SHA256:
d60d65964687c9cf5ed49e820b806cb99b4d85b2c2c21aae8b5e8bc558d75c22
SSDeep:
98304:UenR4KtXb1NG32v5ahATGjxah+YxOJ/A6nautsLbTnhJk1gfzj:VRTGmvnTGMvxOJo6a86r2kj
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.msi.nemty
|
MD5:
3581161489f9e1423f7595cae1e6f7a4
SHA1:
8852811c56e71e8e09e93004be6230f6a20193b2
SHA256:
d60d65964687c9cf5ed49e820b806cb99b4d85b2c2c21aae8b5e8bc558d75c22
SSDeep:
98304:UenR4KtXb1NG32v5ahATGjxah+YxOJ/A6nautsLbTnhJk1gfzj:VRTGmvnTGMvxOJo6a86r2kj
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml
|
MD5:
c990e1483d8eece52c2b89c027747e31
SHA1:
aeed4ec322ed831a950b8b4e245de1c43df2f7a1
SHA256:
7b0d6cf49929520b7573e182cd5e45472ecf72ef14dc857cce8d93a79d00dcc9
SSDeep:
96:i7aHLLGWQaR2gjMbZhCMhS+/F3GqmCytgsw4oZrcZJFt67weBw6ouIPCx:VHLLnxlg1hCJk7ryyd4TFtr36o/Cx
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml.nemty
|
MD5:
c990e1483d8eece52c2b89c027747e31
SHA1:
aeed4ec322ed831a950b8b4e245de1c43df2f7a1
SHA256:
7b0d6cf49929520b7573e182cd5e45472ecf72ef14dc857cce8d93a79d00dcc9
SSDeep:
96:i7aHLLGWQaR2gjMbZhCMhS+/F3GqmCytgsw4oZrcZJFt67weBw6ouIPCx:VHLLnxlg1hCJk7ryyd4TFtr36o/Cx
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.msi
|
MD5:
93ddaf9c5ed931d5eea5440e381b0afb
SHA1:
9ba41b74c57c1779bd98ac1882dc9bb5af9264bd
SHA256:
6e753ba222aea6f731532607b641e3012eba2f29476d410b2590cfb1df719892
SSDeep:
24576:HCpY7qG+xeCJT90LRJTVTF02Nt/+EyRKzcaIKpX68DErl9:H4sqG+xeYT90Lfr03RiaK9qrX
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.msi.nemty
|
MD5:
93ddaf9c5ed931d5eea5440e381b0afb
SHA1:
9ba41b74c57c1779bd98ac1882dc9bb5af9264bd
SHA256:
6e753ba222aea6f731532607b641e3012eba2f29476d410b2590cfb1df719892
SSDeep:
24576:HCpY7qG+xeCJT90LRJTVTF02Nt/+EyRKzcaIKpX68DErl9:H4sqG+xeYT90Lfr03RiaK9qrX
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml
|
MD5:
5c0fd9ffd48f9b2f61b4c4b733ee4dc0
SHA1:
906568ebf5d7623a40a4db0cf727c5fcd2a110fe
SHA256:
5a0ee6a821f708eae2501ac068b7e72be098e129195eee7d85e756fe910589b1
SSDeep:
24:pq+4sfIf6YimCObmGdUksMO/vIUR77XzSL3krCQFjA4qbUYIw9:8+4nCY9CO03/gUBXa3kBFABwYIU
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml.nemty
|
MD5:
5c0fd9ffd48f9b2f61b4c4b733ee4dc0
SHA1:
906568ebf5d7623a40a4db0cf727c5fcd2a110fe
SHA256:
5a0ee6a821f708eae2501ac068b7e72be098e129195eee7d85e756fe910589b1
SSDeep:
24:pq+4sfIf6YimCObmGdUksMO/vIUR77XzSL3krCQFjA4qbUYIw9:8+4nCY9CO03/gUBXa3kBFABwYIU
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\pss10r.chm
|
MD5:
820df499bafa4835298e3bfb0da4a0ca
SHA1:
fd7f32064fbd261cba65850f2bae7fb59e86bbcd
SHA256:
8551b11e45ff8eaffd5a39664f7629a0f010850563ef85790f84281eaa39c3cc
SSDeep:
768:r3FBkCLhK4huzzgSPgL2eYllPYrhBs4ls:7hLw74NaeYltKhC
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\pss10r.chm.nemty
|
MD5:
820df499bafa4835298e3bfb0da4a0ca
SHA1:
fd7f32064fbd261cba65850f2bae7fb59e86bbcd
SHA256:
8551b11e45ff8eaffd5a39664f7629a0f010850563ef85790f84281eaa39c3cc
SSDeep:
768:r3FBkCLhK4huzzgSPgL2eYllPYrhBs4ls:7hLw74NaeYltKhC
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\setup.chm
|
MD5:
9dd2c21df4dc3d259282bad2fe3a1c7e
SHA1:
28a6a117c8351d0b99e3857b22083dadf6ed41b6
SHA256:
ceed6363c9ae6eeda7eba694e83792a5af676f5cc2c357d7c2ed8b6c8715889c
SSDeep:
768:B4lxulUB4lxulFiWFWnzTXYu3mfpgdWx6qB3SeBzva4eanG2YXbCKM2MLDVlx6sy:BPcPIWsnzZUMi7a4xRYrpsH/a8IUtK
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\setup.chm.nemty
|
MD5:
9dd2c21df4dc3d259282bad2fe3a1c7e
SHA1:
28a6a117c8351d0b99e3857b22083dadf6ed41b6
SHA256:
ceed6363c9ae6eeda7eba694e83792a5af676f5cc2c357d7c2ed8b6c8715889c
SSDeep:
768:B4lxulUB4lxulFiWFWnzTXYu3mfpgdWx6qB3SeBzva4eanG2YXbCKM2MLDVlx6sy:BPcPIWsnzZUMi7a4xRYrpsH/a8IUtK
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
b6ff68567f0376110ff54b2499227a42
SHA1:
8f05f336fde4633c870bb2180e6ea8c5fd9d8733
SHA256:
b7a24fbb41c7f725597477a47e235cf462e48076f5ef3112a11521b6f662a500
SSDeep:
192:dnM1KQllShgJWBif6ARrU6KJV1u+aRS/j5qLcu8eZWahU6n2+NBDw906rcW8Wv:dnYKKhvfpRlKpfn75qLcYWahImn1c
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
b6ff68567f0376110ff54b2499227a42
SHA1:
8f05f336fde4633c870bb2180e6ea8c5fd9d8733
SHA256:
b7a24fbb41c7f725597477a47e235cf462e48076f5ef3112a11521b6f662a500
SSDeep:
192:dnM1KQllShgJWBif6ARrU6KJV1u+aRS/j5qLcu8eZWahU6n2+NBDw906rcW8Wv:dnYKKhvfpRlKpfn75qLcYWahImn1c
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\ShellUI.MST
|
MD5:
e471dc72b081bcb89f3b81dab8ce52b6
SHA1:
17ea5403f4b83f7ea11c207711213d65fe259da7
SHA256:
cd9d15daf20e34baf8e517034bc143f674fba2f4452c0b1317e24e75c5b7c22e
SSDeep:
48:vL6SI/lAdy//P/m//D/NdW//P/c5z//Pt/Czy//mz/Gpv9IqZ/l///P//////P/S:zXtd5Yz7z+pvshksnt
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\ShellUI.MST.nemty
|
MD5:
e471dc72b081bcb89f3b81dab8ce52b6
SHA1:
17ea5403f4b83f7ea11c207711213d65fe259da7
SHA256:
cd9d15daf20e34baf8e517034bc143f674fba2f4452c0b1317e24e75c5b7c22e
SSDeep:
48:vL6SI/lAdy//P/m//D/NdW//P/c5z//Pt/Czy//mz/Gpv9IqZ/l///P//////P/S:zXtd5Yz7z+pvshksnt
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.msi
|
MD5:
2de0387f9e12e2ecc6e50ab2c157e817
SHA1:
67e47cb49c69a83b157ef4823adc6f6eb907bee3
SHA256:
c3bdc6bfb10b2634576833606d4b1c32e92125cda444584fad6a69c8b98a4a3e
SSDeep:
49152:8X+b2Pa3nqdxjp44MHbOuIu/NEjNpTZtNCO2KDTT/eRu7HgqOLjve:8X+b2PSnqdTi7kkgLCO22T/eQ7Eve
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.msi.nemty
|
MD5:
2de0387f9e12e2ecc6e50ab2c157e817
SHA1:
67e47cb49c69a83b157ef4823adc6f6eb907bee3
SHA256:
c3bdc6bfb10b2634576833606d4b1c32e92125cda444584fad6a69c8b98a4a3e
SSDeep:
49152:8X+b2Pa3nqdxjp44MHbOuIu/NEjNpTZtNCO2KDTT/eRu7HgqOLjve:8X+b2PSnqdTi7kkgLCO22T/eQ7Eve
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml
|
MD5:
1d98049c56d55b0fc1bd87903ce2f587
SHA1:
d6edd63feb82fcd695eed3148dd392b6395feb85
SHA256:
2be47ed43c00ecb7380be86677845edc7f5aba7676d19362758c077c252b7d56
SSDeep:
48:5VGt0lx+DKZ9egfkOkVI9JLzLf/IuVkPYkTB:5It0P+DKJmVcr/IuW3TB
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml.nemty
|
MD5:
1d98049c56d55b0fc1bd87903ce2f587
SHA1:
d6edd63feb82fcd695eed3148dd392b6395feb85
SHA256:
2be47ed43c00ecb7380be86677845edc7f5aba7676d19362758c077c252b7d56
SSDeep:
48:5VGt0lx+DKZ9egfkOkVI9JLzLf/IuVkPYkTB:5It0P+DKJmVcr/IuW3TB
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml
|
MD5:
cf7e54f9dcc65d7bb3cf1a0c681a366b
SHA1:
2c8a45d3bf321cbd91140c555881283d3f0665f4
SHA256:
d300ee6d5870750778a3a4e67d4cc3910186261213630a196f6dc81ca551f4aa
SSDeep:
12288:EITnYqBVxH9sAsVeGexSso9kZkM/1atNeHsiq8tJet:EITYqpH9sAsVeGexSsQkZkMkt5iq+i
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml.nemty
|
MD5:
cf7e54f9dcc65d7bb3cf1a0c681a366b
SHA1:
2c8a45d3bf321cbd91140c555881283d3f0665f4
SHA256:
d300ee6d5870750778a3a4e67d4cc3910186261213630a196f6dc81ca551f4aa
SSDeep:
12288:EITnYqBVxH9sAsVeGexSso9kZkM/1atNeHsiq8tJet:EITYqpH9sAsVeGexSsQkZkMkt5iq+i
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.msi
|
MD5:
01da4036338f4161c31fa5334b9e3b92
SHA1:
846159609659a5193bc4acd93b7e91fa0f14aaf6
SHA256:
9afa63d43136933692f4670c9d6589aa9208723252a4b3af3fa1cee4669ab2b5
SSDeep:
24576:Ngli4NsgKiILAN5YVDQCa4+xHJ67M+kwiZUGBY6p8z:WQxiJg+R4+xHJE4wnPz
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.msi.nemty
|
MD5:
01da4036338f4161c31fa5334b9e3b92
SHA1:
846159609659a5193bc4acd93b7e91fa0f14aaf6
SHA256:
9afa63d43136933692f4670c9d6589aa9208723252a4b3af3fa1cee4669ab2b5
SSDeep:
24576:Ngli4NsgKiILAN5YVDQCa4+xHJ67M+kwiZUGBY6p8z:WQxiJg+R4+xHJE4wnPz
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml
|
MD5:
b2cf7848417b93e7ad44fcffdf4f1b4d
SHA1:
26947f18af359e7e0f88bddc23ff12b7f0c216f1
SHA256:
ebece315d5e18840ae90ca17fb6fa4e3791725e31055da11afbb4363ab5f0dd6
SSDeep:
24:4nUqzraL0Zc0i2LbwFsCBt26+cyyL0FyvPLfA+6CbZTZbj5Rr9:iUqzWQmskFFt26+cyyLaSPLfz6OZVbt7
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml.nemty
|
MD5:
b2cf7848417b93e7ad44fcffdf4f1b4d
SHA1:
26947f18af359e7e0f88bddc23ff12b7f0c216f1
SHA256:
ebece315d5e18840ae90ca17fb6fa4e3791725e31055da11afbb4363ab5f0dd6
SSDeep:
24:4nUqzraL0Zc0i2LbwFsCBt26+cyyL0FyvPLfA+6CbZTZbj5Rr9:iUqzWQmskFFt26+cyyLaSPLfz6OZVbt7
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
93ee9cd95ab55ff8f6ef528a9b5e9353
SHA1:
3f65050e0a2e4663f4bac11db15883aaaebc0aa4
SHA256:
1d4f34b711d3914eb3a1c2298740b0138f7f5983cc49fa5aa6cd4304cd855d31
SSDeep:
48:dsxQs2wCszrk3ojUvybPlN3ISU/UP9Q9m802qd8z41gSieHxbpHLXuRhxT:z+o3ojUvcH3x9W702tnqxl7u5
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
93ee9cd95ab55ff8f6ef528a9b5e9353
SHA1:
3f65050e0a2e4663f4bac11db15883aaaebc0aa4
SHA256:
1d4f34b711d3914eb3a1c2298740b0138f7f5983cc49fa5aa6cd4304cd855d31
SSDeep:
48:dsxQs2wCszrk3ojUvybPlN3ISU/UP9Q9m802qd8z41gSieHxbpHLXuRhxT:z+o3ojUvcH3x9W702tnqxl7u5
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.msi
|
MD5:
53cf730d253d0557122d077412da911c
SHA1:
0c3bc88b8e024d97aa5d3c183129ff08019a0621
SHA256:
b1a9bbf09a6acd3c39f4d8996b098a4f6add8eec509c0a0ff25e721f084c3520
SSDeep:
49152:620P726ypjtQu9FgNKQd0urP2RTrJoB8183757TVtJBPsjI8:ftzfukg8GrxJly
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.msi.nemty
|
MD5:
53cf730d253d0557122d077412da911c
SHA1:
0c3bc88b8e024d97aa5d3c183129ff08019a0621
SHA256:
b1a9bbf09a6acd3c39f4d8996b098a4f6add8eec509c0a0ff25e721f084c3520
SSDeep:
49152:620P726ypjtQu9FgNKQd0urP2RTrJoB8183757TVtJBPsjI8:ftzfukg8GrxJly
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
MD5:
924dbd96eb228bb3d409616818489e97
SHA1:
a2f29f281a9c250653770e8620c92fef4fafc8ed
SHA256:
e4219bac5c544d1fd948e34c93e8b304e6999cba13afd68da4834167756fe558
SSDeep:
96:mW7ciLq2kXTzFaIgU+Kfhs29Si3kov3oozcEsjM4SAZRXcY1JPFcMm/amrjf7u:/UfE1U+shsn8bzcDM4SAZRM4PyMmNvju
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml.nemty
|
MD5:
924dbd96eb228bb3d409616818489e97
SHA1:
a2f29f281a9c250653770e8620c92fef4fafc8ed
SHA256:
e4219bac5c544d1fd948e34c93e8b304e6999cba13afd68da4834167756fe558
SSDeep:
96:mW7ciLq2kXTzFaIgU+Kfhs29Si3kov3oozcEsjM4SAZRXcY1JPFcMm/amrjf7u:/UfE1U+shsn8bzcDM4SAZRM4PyMmNvju
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms
|
MD5:
5d71fec578bbd1e2f4e9e73a7ce5e270
SHA1:
e3cecd6d4f32c9bbba4a37e1655f2b9cb74c49aa
SHA256:
55cf1a68f40d96940dbadb9774be8fd0faa719246d45312820e9320fd960978f
SSDeep:
6144:ntvJFOPbqrPj1k9Fk9KPO0V5JrObhEavcIndmL3IE8WntAiTdmcrmfF3BeyUk/:nt/M5lmhEaEIGIE8WtAiIcKflgyUW
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms.nemty
|
MD5:
5d71fec578bbd1e2f4e9e73a7ce5e270
SHA1:
e3cecd6d4f32c9bbba4a37e1655f2b9cb74c49aa
SHA256:
55cf1a68f40d96940dbadb9774be8fd0faa719246d45312820e9320fd960978f
SSDeep:
6144:ntvJFOPbqrPj1k9Fk9KPO0V5JrObhEavcIndmL3IE8WntAiTdmcrmfF3BeyUk/:nt/M5lmhEaEIGIE8WtAiIcKflgyUW
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.msi
|
MD5:
b81838156081aea86a92e66e6373089d
SHA1:
70018ff42ee53e7f8cc96b493a5e08f46f64276c
SHA256:
fe869c0b004e8e6b922a392073fb13a06761239a3c71df0a55397c3936e07e81
SSDeep:
196608:DwEhychlTvq/rJH+4+kttXTYh5i+MaW/:DwrSTvq3+ktJYKU
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.msi.nemty
|
MD5:
b81838156081aea86a92e66e6373089d
SHA1:
70018ff42ee53e7f8cc96b493a5e08f46f64276c
SHA256:
fe869c0b004e8e6b922a392073fb13a06761239a3c71df0a55397c3936e07e81
SSDeep:
196608:DwEhychlTvq/rJH+4+kttXTYh5i+MaW/:DwrSTvq3+ktJYKU
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml
|
MD5:
b76a45f81b9410d116de4d4603b3fe65
SHA1:
cb184d44977af4e7a40f9a7ab8e52f5804a737e8
SHA256:
0cb74f561bb101784810ae90fcfb1a2e9d6383feab7b3b084868666be1f9b674
SSDeep:
384:R8Vfc3uYfL+EuvcNhGcl69YdoC+7RbC16x+iVfWTlwaxTcdBkTyXLsvzbe6BCkcD:RY0+YfL+Euv1O5+7hapEfWOwT+IFRcF1
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml.nemty
|
MD5:
b76a45f81b9410d116de4d4603b3fe65
SHA1:
cb184d44977af4e7a40f9a7ab8e52f5804a737e8
SHA256:
0cb74f561bb101784810ae90fcfb1a2e9d6383feab7b3b084868666be1f9b674
SSDeep:
384:R8Vfc3uYfL+EuvcNhGcl69YdoC+7RbC16x+iVfWTlwaxTcdBkTyXLsvzbe6BCkcD:RY0+YfL+Euv1O5+7hapEfWOwT+IFRcF1
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
68a5e23a2d76557e652bc03c52cd654d
SHA1:
25a66a5c9b4a960823271c88f56262321746120c
SHA256:
40f591be11a8e6f97808cc15781fd284b9591ac6079a8772194dac7e72e7d8ff
SSDeep:
768:aNHP1YNWkTxd6K0UeMv0zY/u7NoErj1iRcoRXlFC2okiOSk45nlN5R8H:aNHUWWuKNeMv0zY/u7NoErj1iRccXlFl
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
68a5e23a2d76557e652bc03c52cd654d
SHA1:
25a66a5c9b4a960823271c88f56262321746120c
SHA256:
40f591be11a8e6f97808cc15781fd284b9591ac6079a8772194dac7e72e7d8ff
SSDeep:
768:aNHP1YNWkTxd6K0UeMv0zY/u7NoErj1iRcoRXlFC2okiOSk45nlN5R8H:aNHUWWuKNeMv0zY/u7NoErj1iRccXlFl
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.msi
|
MD5:
70f5747e930d34b4988ce07bed1ecdfa
SHA1:
10530d8df3442fad641bd5405e0b6e1c565df700
SHA256:
0fdcf1a6215da64977653408e5eeb9278abf5c9b28bdbc86286ad4416065c435
SSDeep:
49152:YQgOswxQPOTyKrT/zLL6/+AozGcynLCvO6m07iWkm7HN438yFc:YQgWxQvKXzLLatcGfLgm07iW9HN438r
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.msi.nemty
|
MD5:
70f5747e930d34b4988ce07bed1ecdfa
SHA1:
10530d8df3442fad641bd5405e0b6e1c565df700
SHA256:
0fdcf1a6215da64977653408e5eeb9278abf5c9b28bdbc86286ad4416065c435
SSDeep:
49152:YQgOswxQPOTyKrT/zLL6/+AozGcynLCvO6m07iWkm7HN438yFc:YQgWxQvKXzLLatcGfLgm07iW9HN438r
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
MD5:
5a02ad097f7dd5f6c11313cfb76217c2
SHA1:
fbd90ef629a7fdb54bc08bdcee68660ddbad5402
SHA256:
64dd88e3950ad90d458942e861f7ab1445590cd42c0e2129c5e8427dec273028
SSDeep:
96:btscF2KNucrC3pKIvH16n6oppG20xDcdgbNQBxJ08BNdY:pscFfuj3v67p/0xDcdgbCV08BNdY
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml.nemty
|
MD5:
5a02ad097f7dd5f6c11313cfb76217c2
SHA1:
fbd90ef629a7fdb54bc08bdcee68660ddbad5402
SHA256:
64dd88e3950ad90d458942e861f7ab1445590cd42c0e2129c5e8427dec273028
SSDeep:
96:btscF2KNucrC3pKIvH16n6oppG20xDcdgbNQBxJ08BNdY:pscFfuj3v67p/0xDcdgbCV08BNdY
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms
|
MD5:
c10b53d898bd391435571fd96f7d1671
SHA1:
74cad908606b96c38f475689c7859890aff4476c
SHA256:
1768110f1c58a44e3e7a2945f7f28521671e4d854283cac16fb2ec1f4c12e1f8
SSDeep:
6144:qASDMbqWBGGs+Nk5aSnx2byNbZZeWbqjTRxsWEscSxcRQJi2lKFCTQ/7p:qA1q2Rs+ukSnMbyNbZZfOJLlk4E1
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms.nemty
|
MD5:
c10b53d898bd391435571fd96f7d1671
SHA1:
74cad908606b96c38f475689c7859890aff4476c
SHA256:
1768110f1c58a44e3e7a2945f7f28521671e4d854283cac16fb2ec1f4c12e1f8
SSDeep:
6144:qASDMbqWBGGs+Nk5aSnx2byNbZZeWbqjTRxsWEscSxcRQJi2lKFCTQ/7p:qA1q2Rs+ukSnMbyNbZZfOJLlk4E1
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.msi
|
MD5:
384dec82675046799773a5d315499463
SHA1:
8817db14f257873e34c390b6bfa25c9c79cf07ba
SHA256:
a6cfb38f189098a4768e511a5ebc2821af44244c7caf8e7035d229be3f6d02ec
SSDeep:
196608:KVBBh3EhVFeU4DipPPYm10EmMLMCN3ZErXFGTIIIIIol:KVBvBkYm1ZZELoz
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.msi.nemty
|
MD5:
384dec82675046799773a5d315499463
SHA1:
8817db14f257873e34c390b6bfa25c9c79cf07ba
SHA256:
a6cfb38f189098a4768e511a5ebc2821af44244c7caf8e7035d229be3f6d02ec
SSDeep:
196608:KVBBh3EhVFeU4DipPPYm10EmMLMCN3ZErXFGTIIIIIol:KVBvBkYm1ZZELoz
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml
|
MD5:
ad1d6a789e413ec3ace52063cd8aa083
SHA1:
b26ff86c5afb4168d4ee89b39325292925350185
SHA256:
57cf11b2999b8d146cd6fcd24aa80b7a68843fda10a31f30be9bf979d1c510d0
SSDeep:
96:T4ycXJBOiAYB927vvmIpVWjbV4JO1z5mKXBtrnPZ/8myuwKYUkpOAc6r4XzSSr6O:8rJ4X3RpVW51rBtrnPZ/d9zPq3rwlp
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml.nemty
|
MD5:
ad1d6a789e413ec3ace52063cd8aa083
SHA1:
b26ff86c5afb4168d4ee89b39325292925350185
SHA256:
57cf11b2999b8d146cd6fcd24aa80b7a68843fda10a31f30be9bf979d1c510d0
SSDeep:
96:T4ycXJBOiAYB927vvmIpVWjbV4JO1z5mKXBtrnPZ/8myuwKYUkpOAc6r4XzSSr6O:8rJ4X3RpVW51rBtrnPZ/d9zPq3rwlp
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
111cb63293def87cbbb339405abc66b4
SHA1:
19e1178e7965384f6f8f5df93325530e5ac108e2
SHA256:
9b2e597010ef7371d0cbef27442953b39ca16538d9de885455c480c288c60dab
SSDeep:
192:7486yihoi0d7nrxSylLlbwWKIRsbGrE6ncOcyYdHKAVQ4+U0RxQxsPjssiOZX1fL:V6NoltlhjRM2taVrNofCBLtqL9
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
111cb63293def87cbbb339405abc66b4
SHA1:
19e1178e7965384f6f8f5df93325530e5ac108e2
SHA256:
9b2e597010ef7371d0cbef27442953b39ca16538d9de885455c480c288c60dab
SSDeep:
192:7486yihoi0d7nrxSylLlbwWKIRsbGrE6ncOcyYdHKAVQ4+U0RxQxsPjssiOZX1fL:V6NoltlhjRM2taVrNofCBLtqL9
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.msi
|
MD5:
ad0072f33afc63b7592557b23371138b
SHA1:
5d27fda9e5cf5cc57f712e94d86e67d37ede5a6b
SHA256:
51492dd5be8041a9414810a9fee122e8589d12f682bb178f77646c071b3eddd5
SSDeep:
24576:/KrKw3OqGmusYcUUh+PcVUC3m+b0+iOPG/Yr8aaEDN0dItO2eDxxH+GLq4k4mO:/fmuHeh+Pu93m+o+iOPcezk52e9Z+gSO
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.msi.nemty
|
MD5:
ad0072f33afc63b7592557b23371138b
SHA1:
5d27fda9e5cf5cc57f712e94d86e67d37ede5a6b
SHA256:
51492dd5be8041a9414810a9fee122e8589d12f682bb178f77646c071b3eddd5
SSDeep:
24576:/KrKw3OqGmusYcUUh+PcVUC3m+b0+iOPG/Yr8aaEDN0dItO2eDxxH+GLq4k4mO:/fmuHeh+Pu93m+o+iOPcezk52e9Z+gSO
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml
|
MD5:
3eefbb869c44710da2fb89aadacde613
SHA1:
5e8c50ef863d83021577e12c3afedfd3256dcc72
SHA256:
b27c5188d8dee9183afe7ee45bf53372ba9617f451cc0d20b1d59b74a924bbbf
SSDeep:
96:uwM9urzHQhlCq6Z2X6GnC5i7g5eYCygFu7E:uh97hldFKACo7LyacE
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml.nemty
|
MD5:
3eefbb869c44710da2fb89aadacde613
SHA1:
5e8c50ef863d83021577e12c3afedfd3256dcc72
SHA256:
b27c5188d8dee9183afe7ee45bf53372ba9617f451cc0d20b1d59b74a924bbbf
SSDeep:
96:uwM9urzHQhlCq6Z2X6GnC5i7g5eYCygFu7E:uh97hldFKACo7LyacE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms
|
MD5:
bba90f25bd5f3e595c8b3b8b7b97561c
SHA1:
452204107d31d4e4feccf1d59bf2d780e34beb46
SHA256:
ad2057a9603e4ab874ed16c57edd34c35bd585932bdcae507013a54b4d986a76
SSDeep:
12288:kewMLBa6qD+/YdnAOeNH+3AFXIejntNdQ0R4ebGuKGvew35Voku+3qgqVHV4BCaZ:bw8Ba6qD+/YdnAOeNH+3AFIejntNdQ0B
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\pkeyconfig-office.xrm-ms.nemty
|
MD5:
bba90f25bd5f3e595c8b3b8b7b97561c
SHA1:
452204107d31d4e4feccf1d59bf2d780e34beb46
SHA256:
ad2057a9603e4ab874ed16c57edd34c35bd585932bdcae507013a54b4d986a76
SSDeep:
12288:kewMLBa6qD+/YdnAOeNH+3AFXIejntNdQ0R4ebGuKGvew35Voku+3qgqVHV4BCaZ:bw8Ba6qD+/YdnAOeNH+3AFIejntNdQ0B
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml
|
MD5:
adc9d6eed78df852422a0da456860128
SHA1:
3394667b1d3a13d1840d833d131e790f881ec9eb
SHA256:
8fefcbc08f2425a8be2b0ff267ff7670752f9ac8e6b09fc3dd87110157205dac
SSDeep:
384:/E3AqxvostOq4+qOsCvokvsPn9sX/aQoX9T6d4Xs7EyWtFKiozA8GfrTqs:/E3A6voWOq8OsCvokvZPaQosd2s7Ey4v
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml.nemty
|
MD5:
adc9d6eed78df852422a0da456860128
SHA1:
3394667b1d3a13d1840d833d131e790f881ec9eb
SHA256:
8fefcbc08f2425a8be2b0ff267ff7670752f9ac8e6b09fc3dd87110157205dac
SSDeep:
384:/E3AqxvostOq4+qOsCvokvsPn9sX/aQoX9T6d4Xs7EyWtFKiozA8GfrTqs:/E3A6voWOq8OsCvokvZPaQosd2s7Ey4v
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.msi
|
MD5:
5832749f0da2f402d378ff82d3f31c6f
SHA1:
2daf1cfb2b2d26052f71a2ae218842e727bab6bf
SHA256:
b18dbb9f8951b894207f56dd958c7599010b78de2522f4e91f07b8222e1e7ebc
SSDeep:
98304:cH3thJZchjWpUXDTvfI5qXK6q7/0C3MyRBHGooIJTlAktF+5+qTIIIIIy:wthvchvTvfAragHvTlAksTIIIIIy
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.msi.nemty
|
MD5:
5832749f0da2f402d378ff82d3f31c6f
SHA1:
2daf1cfb2b2d26052f71a2ae218842e727bab6bf
SHA256:
b18dbb9f8951b894207f56dd958c7599010b78de2522f4e91f07b8222e1e7ebc
SSDeep:
98304:cH3thJZchjWpUXDTvfI5qXK6q7/0C3MyRBHGooIJTlAktF+5+qTIIIIIy:wthvchvTvfAragHvTlAksTIIIIIy
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml
|
MD5:
0d0c473a9f2192f7a39002daa5aa8736
SHA1:
86eb7b27593ebf3fabd52724e8980ad8680fb256
SHA256:
e4952b1bae6b7f4d5e3534a93b6b220f018a10f49bfb6ebcb73623f2a0a42ade
SSDeep:
192:MwrjBVCBpIJUqxZ3fV3XQkXhJaxOY/sEnTu8:MwrVVE5qxRfGC8Ous+u8
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml.nemty
|
MD5:
0d0c473a9f2192f7a39002daa5aa8736
SHA1:
86eb7b27593ebf3fabd52724e8980ad8680fb256
SHA256:
e4952b1bae6b7f4d5e3534a93b6b220f018a10f49bfb6ebcb73623f2a0a42ade
SSDeep:
192:MwrjBVCBpIJUqxZ3fV3XQkXhJaxOY/sEnTu8:MwrVVE5qxRfGC8Ous+u8
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\MSOCache\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\pagefile.sys
|
-
|
Access, Delete
|
|
C:\pagefile.sys.nemty
|
-
|
Access, Create
|
|
C:\PerfLogs\Admin\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\PerfLogs\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\audiodepthconverter.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\audiodepthconverter.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\directshowtap.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\directshowtap.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\fieldswitch.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\fieldswitch.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\offset.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\offset.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\rtstreamsink.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\rtstreamsink.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\rtstreamsource.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\rtstreamsource.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\Common.fxh
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\Common.fxh.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DissolveAnother.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DissolveAnother.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DissolveNoise.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DissolveNoise.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\Filters.xml
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\Filters.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\Shared\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\DVD Maker\Shared\Parity.fx
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\Shared\Parity.fx.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\soniccolorconverter.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\soniccolorconverter.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\DVD Maker\sonicsptransform.ax
|
-
|
Access, Delete
|
|
C:\Program Files\DVD Maker\sonicsptransform.ax.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\hmmapi.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\hmmapi.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\ielowutil.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\ielowutil.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\jsdebuggeride.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\jsdebuggeride.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\JSProfilerCore.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\JSProfilerCore.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Internet Explorer\ie8props.propdesc
|
-
|
Access, Delete
|
|
C:\Program Files\Internet Explorer\ie8props.propdesc.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Internet Explorer\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Internet Explorer\SIGNUP\install.ins
|
MD5:
a4249149f4519fc50a58ce6ec6bd0d8e
SHA1:
9a972c96e45bcf544c140b57fbc9e6feb7648fde
SHA256:
6e415e164c39e321eea85aee14766b1c611aebbcba36694cba19d59f4e8baea6
SSDeep:
12:2v9jDThDdoUtbu86GoJuoEWv+bDKGh09t6E0dolF+UdpKViCX5c4D8CZT/iDqiks:2lnWq8paolwU/KVitU8CZzmz9
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files\Internet Explorer\SIGNUP\install.ins.nemty
|
MD5:
a4249149f4519fc50a58ce6ec6bd0d8e
SHA1:
9a972c96e45bcf544c140b57fbc9e6feb7648fde
SHA256:
6e415e164c39e321eea85aee14766b1c611aebbcba36694cba19d59f4e8baea6
SSDeep:
12:2v9jDThDdoUtbu86GoJuoEWv+bDKGh09t6E0dolF+UdpKViCX5c4D8CZT/iDqiks:2lnWq8paolwU/KVitU8CZzmz9
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files\Internet Explorer\SIGNUP\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\MSBuild\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Reference Assemblies\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Uninstall Information\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Defender\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Defender\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\Journal.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\Journal.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Journal\Templates\blank.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\blank.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Genko_1.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Genko_1.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Genko_2.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Genko_2.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Graph.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Graph.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Memo.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Memo.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Music.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Music.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Journal\Templates\Seyes.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Seyes.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\Shorthand.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\Shorthand.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Journal\Templates\To_Do_List.jtp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Journal\Templates\To_Do_List.jtp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Mail\en-US\msoeres.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Mail\en-US\msoeres.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Mail\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Mail\en-US\WinMail.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Mail\en-US\WinMail.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Mail\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Icons\NEMTY-DECRYPT.txt
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Media Renderer\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Skins\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Media Player\Skins\Revert.wmz
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Media Player\Skins\Revert.wmz.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Media Player\Visualizations\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\Accessories\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\Accessories\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\TableTextService\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt
|
-
|
Access, Delete
|
|
C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Photo Viewer\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Photo Viewer\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Portable Devices\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png
|
-
|
Access, Delete
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png.nemty
|
-
|
Access, Create
|
|
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Program Files\Windows Sidebar\NEMTY-DECRYPT.txt
|
MD5:
2ce046c0bbb670423a6ebafca4174910
SHA1:
5d0d47ab91c2edbaaafe42167d4d2700ffad08e4
SHA256:
f6b26cdf138ab70734284e6e6dbbccf432c6c48107b980c117c79adc0d2ce12e
SSDeep:
24:bP8NypHHf0pY3RC9waPjWuDu/DZAKVLoFxKywxLXjzxbK0u9XHOT:bP8NypH/hkSab/KyXwJXcXOT
ImpHash:
None
|
Access, Write, Create
|
Dropped File
|
C:\Users\5p5NrGJn0jS HALPmcxz\_NEMTY_lpZfQSg_.nemty
|
-
|
Access, Create
|
|
System Paging File
|
-
|
Access, Read, Write
|
|