Filename
|
Hash
|
Operations
|
Category
|
C:\$GetCurrent\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\$GetCurrent\Logs\downlevel_2017_09_07_02_02_39_766.log
|
MD5:
887f61443cabd6b2988bc31bb770d97b
SHA1:
371777b93fb8c2cfcaf304efd39dfdf11c87e922
SHA256:
4aa42fba3e8325ce272d6917a1ca0c222617c40eeec1d602d4838f618a8e20ac
SSDeep:
384:eWfIDAecwFdFMFSFFLoVwATKKhRdprlF+BxHcP8YaUavWKDXv8veSR2F2TZx:eWILcwHCIZoVv+KhRb7ODfy0Fa/
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\$GetCurrent\Logs\downlevel_2017_09_07_02_02_39_766.log.gоod
|
MD5:
887f61443cabd6b2988bc31bb770d97b
SHA1:
371777b93fb8c2cfcaf304efd39dfdf11c87e922
SHA256:
4aa42fba3e8325ce272d6917a1ca0c222617c40eeec1d602d4838f618a8e20ac
SSDeep:
384:eWfIDAecwFdFMFSFFLoVwATKKhRdprlF+BxHcP8YaUavWKDXv8veSR2F2TZx:eWILcwHCIZoVv+KhRb7ODfy0Fa/
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\$GetCurrent\Logs\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\$GetCurrent\Logs\oobe_2017_09_07_03_08_57_737.log
|
MD5:
12674ffd548e8e2eb622049ec38c4bba
SHA1:
dc378980b7fe66724f8c1d5b0c88b976b9e88cee
SHA256:
4c10315afa92a6b76c1c470d3bddf58f46de456e0415d60cc490538b1062b3ed
SSDeep:
96:KF21YrFMPtPsTDCG5xJkC6yT862Jf7RJqF0aa8zNk5QzUBqFGFElWE4FELla+QFU:KFHFpmG5xJL6yz2JfSFd3zNk5wUfF/F4
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\$GetCurrent\Logs\oobe_2017_09_07_03_08_57_737.log.gоod
|
MD5:
12674ffd548e8e2eb622049ec38c4bba
SHA1:
dc378980b7fe66724f8c1d5b0c88b976b9e88cee
SHA256:
4c10315afa92a6b76c1c470d3bddf58f46de456e0415d60cc490538b1062b3ed
SSDeep:
96:KF21YrFMPtPsTDCG5xJkC6yT862Jf7RJqF0aa8zNk5QzUBqFGFElWE4FELla+QFU:KFHFpmG5xJL6yz2JfSFd3zNk5wUfF/F4
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\$GetCurrent\Logs\PartnerSetupCompleteResult.log
|
MD5:
b84a674902ba9e3efa466d232b869b4f
SHA1:
af98c521159d07259e17196ade22e45703c03967
SHA256:
93d72fa8fac8dbdff08db4c454d9f593c3d288317a1375500d9a8bb7cdb54d60
SSDeep:
3:0YXWXoKQ514iHmn:0EWXoKs146mn
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\$GetCurrent\Logs\PartnerSetupCompleteResult.log.gоod
|
MD5:
b84a674902ba9e3efa466d232b869b4f
SHA1:
af98c521159d07259e17196ade22e45703c03967
SHA256:
93d72fa8fac8dbdff08db4c454d9f593c3d288317a1375500d9a8bb7cdb54d60
SSDeep:
3:0YXWXoKQ514iHmn:0EWXoKs146mn
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\$GetCurrent\SafeOS\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\$Recycle.Bin\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\$Recycle.Bin\S-1-5-18\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\$Recycle.Bin\S-1-5-21-1051304884-625712362-2192934891-1000\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\588bce7c90097ed212\1025\eula.rtf
|
MD5:
d6b057e1a0a75b08fb61d4b603c5c856
SHA1:
03057aabbbaa9d7125c1f4ca7e095cea9acc3f7c
SHA256:
b25875ddfd2ba65575f55edfb3072720db9e6495ed3c93b1dd3bb20e4a2c4fe6
SSDeep:
192:qdVbwc1M0nTsc01PuWLDzR2M+bOx7BnT7QUmDH:EwcGoDo2UDzR2M+s7BnT7QUmDH
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1025\eula.rtf.gоod
|
MD5:
d6b057e1a0a75b08fb61d4b603c5c856
SHA1:
03057aabbbaa9d7125c1f4ca7e095cea9acc3f7c
SHA256:
b25875ddfd2ba65575f55edfb3072720db9e6495ed3c93b1dd3bb20e4a2c4fe6
SSDeep:
192:qdVbwc1M0nTsc01PuWLDzR2M+bOx7BnT7QUmDH:EwcGoDo2UDzR2M+s7BnT7QUmDH
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1025\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\588bce7c90097ed212\1025\LocalizedData.xml
|
MD5:
95475312ac05ed17ed8a4dc3c042923d
SHA1:
751effff55e74f55cbd916f24b7fbc47ec715952
SHA256:
f1adf91330580d51077dbf536bde925130f043ce218cb1d236c6d864f44e4b8b
SSDeep:
384:sMsazfZxDJ3caC12cwxsSsxGMZzhKtQOsitz0SBijTJ3ejrwdd0:sMXxDtwkxsnxGMdAVBijTJ3eH5
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1025\LocalizedData.xml.gоod
|
MD5:
95475312ac05ed17ed8a4dc3c042923d
SHA1:
751effff55e74f55cbd916f24b7fbc47ec715952
SHA256:
f1adf91330580d51077dbf536bde925130f043ce218cb1d236c6d864f44e4b8b
SSDeep:
384:sMsazfZxDJ3caC12cwxsSsxGMZzhKtQOsitz0SBijTJ3ejrwdd0:sMXxDtwkxsnxGMdAVBijTJ3eH5
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1028\eula.rtf
|
MD5:
2be79d7dfca8a2ae863b4a5a0a53bad0
SHA1:
8ba65185ff2667994f4522e4b65f2f7b06ef7cdf
SHA256:
2a527d8e4d0a63af8e3e8e854a2a77ec40e927829206477a49dd87316d76ebc8
SSDeep:
96:L+IaCEftt7RlIJC7PvuOtHuUBPbDVlxVAxa/MpD1JzIfcHvR2k0cvzr7DDrz70c+:iwY7fPvuquWboxAOfro2n6CAH
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1028\eula.rtf.gоod
|
MD5:
2be79d7dfca8a2ae863b4a5a0a53bad0
SHA1:
8ba65185ff2667994f4522e4b65f2f7b06ef7cdf
SHA256:
2a527d8e4d0a63af8e3e8e854a2a77ec40e927829206477a49dd87316d76ebc8
SSDeep:
96:L+IaCEftt7RlIJC7PvuOtHuUBPbDVlxVAxa/MpD1JzIfcHvR2k0cvzr7DDrz70c+:iwY7fPvuquWboxAOfro2n6CAH
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1028\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\588bce7c90097ed212\1028\LocalizedData.xml
|
MD5:
86bef37e6a5c011c6ee62ede7348ab4b
SHA1:
2898220ca264cd65cd3582a124fce9b18010d90e
SHA256:
e45603afebda7e9b2a01ba78f91212b5f004dfba3e67f4981f1dc0345b08778a
SSDeep:
384:so0IV/CKbCWB6rFk+2jP8lxtrzh1hsPN7ODPnPgQy50sJCXnofDPiY:so0ILbCWYFrewYTJCI
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1028\LocalizedData.xml.gоod
|
MD5:
86bef37e6a5c011c6ee62ede7348ab4b
SHA1:
2898220ca264cd65cd3582a124fce9b18010d90e
SHA256:
e45603afebda7e9b2a01ba78f91212b5f004dfba3e67f4981f1dc0345b08778a
SSDeep:
384:so0IV/CKbCWB6rFk+2jP8lxtrzh1hsPN7ODPnPgQy50sJCXnofDPiY:so0ILbCWYFrewYTJCI
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1029\eula.rtf
|
MD5:
8323f827d8b44e2f6cc99a11282ee564
SHA1:
9400d308273258cd7baa78328d5258df1191ce05
SHA256:
48a52196cb1b799c34683cfd56e6485e57bf3e6a13ac2150e494c43daf9d304d
SSDeep:
96:1BBsE7nGb5k97/9OAm7E45hLResy/IB2OM+pnCQt:1XsV5kN9BZ4XLMBIB2OFVCU
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1029\eula.rtf.gоod
|
MD5:
8323f827d8b44e2f6cc99a11282ee564
SHA1:
9400d308273258cd7baa78328d5258df1191ce05
SHA256:
48a52196cb1b799c34683cfd56e6485e57bf3e6a13ac2150e494c43daf9d304d
SSDeep:
96:1BBsE7nGb5k97/9OAm7E45hLResy/IB2OM+pnCQt:1XsV5kN9BZ4XLMBIB2OFVCU
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1029\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\588bce7c90097ed212\1029\LocalizedData.xml
|
MD5:
cff25aecc03bdf8892a8eeeabbfedfaf
SHA1:
5d389e79afc27aabb62b25b8f405131b7b10d59c
SHA256:
588fee3fc6cb19d9bf107014e1b9681b41190de044ebadd57f7413634903c2a2
SSDeep:
384:snc4I7jvsNQ8/svLov/QvQovOLeyndT/jfB7eyNdT9eTiyn15byYOMbqav8qAMru:s3qYFt/jPvoZJZ03
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1029\LocalizedData.xml.gоod
|
MD5:
cff25aecc03bdf8892a8eeeabbfedfaf
SHA1:
5d389e79afc27aabb62b25b8f405131b7b10d59c
SHA256:
588fee3fc6cb19d9bf107014e1b9681b41190de044ebadd57f7413634903c2a2
SSDeep:
384:snc4I7jvsNQ8/svLov/QvQovOLeyndT/jfB7eyNdT9eTiyn15byYOMbqav8qAMru:s3qYFt/jPvoZJZ03
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1030\eula.rtf
|
MD5:
d26ee2d17218e3703c38f3896d15b174
SHA1:
1b26903ac2bdcb94a19351b60bad8df9e0cb74d9
SHA256:
1f8b49989f8e80d0576f442ba1a0328178665f52cb6ae62dd1bb6a53aedd6eea
SSDeep:
96:jb1jWkryXWSxNpmppN5zMaDqaaZ8Vaf8/K1oA:PTyXWgpiJD+6V67oA
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1030\eula.rtf.gоod
|
MD5:
d26ee2d17218e3703c38f3896d15b174
SHA1:
1b26903ac2bdcb94a19351b60bad8df9e0cb74d9
SHA256:
1f8b49989f8e80d0576f442ba1a0328178665f52cb6ae62dd1bb6a53aedd6eea
SSDeep:
96:jb1jWkryXWSxNpmppN5zMaDqaaZ8Vaf8/K1oA:PTyXWgpiJD+6V67oA
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1030\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\588bce7c90097ed212\1030\LocalizedData.xml
|
MD5:
ea982b1851960fad0fe86ce934c2a839
SHA1:
04aad5b7967b99229728a23f915a5ffaf6ed6e4f
SHA256:
d49d6e00492a9399dc3adfae109be167b8dce37095cca18db918f9750a76a408
SSDeep:
384:sS4twYt4NYsFrCYQTjtLCpCggWuUyl+JMcf/zmSmRLAgRQJmS+e/JAu1O2Xx+E:sS4t74NYYeYQTjtLCYggWuUMe+e/JX
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\1030\LocalizedData.xml.gоod
|
MD5:
ea982b1851960fad0fe86ce934c2a839
SHA1:
04aad5b7967b99229728a23f915a5ffaf6ed6e4f
SHA256:
d49d6e00492a9399dc3adfae109be167b8dce37095cca18db918f9750a76a408
SSDeep:
384:sS4twYt4NYsFrCYQTjtLCpCggWuUyl+JMcf/zmSmRLAgRQJmS+e/JAu1O2Xx+E:sS4t74NYYeYQTjtLCYggWuUMe+e/JX
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\1031\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1031\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1031\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1031\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1031\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1032\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1032\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1032\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1032\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1032\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1033\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1033\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1033\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1033\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1033\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1035\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1035\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1035\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1035\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1035\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1036\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1036\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1036\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1036\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1036\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1037\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1037\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1037\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1037\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1037\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1038\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1038\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1038\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1038\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1038\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1040\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1040\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1040\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1040\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1040\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1041\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1041\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1041\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1041\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1041\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1042\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1042\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1042\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1042\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1042\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1043\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1043\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1043\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1043\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1043\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1044\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1044\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1044\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1044\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1044\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1045\eula.rtf
|
-
|
Access, Create, Read, Delete
|
|
C:\588bce7c90097ed212\1045\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1045\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1045\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1045\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1046\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1046\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1046\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1046\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1046\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1049\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1049\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1049\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1049\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1049\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1053\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1053\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1053\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1053\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1053\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1055\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1055\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\1055\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\1055\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\1055\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\2052\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\2052\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\2052\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\2052\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\2052\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\2070\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\2070\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\2070\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\2070\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\2070\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\3076\eula.rtf
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\3076\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\3076\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\3076\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\3076\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\3082\eula.rtf
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\3082\eula.rtf.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\3082\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\3082\LocalizedData.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\3082\LocalizedData.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Client\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\Client\Parameterinfo.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Client\Parameterinfo.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Client\UiInfo.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Client\UiInfo.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\DHtmlHeader.html
|
MD5:
61342bc40d793174c5fbdb0cc5b07973
SHA1:
ac69c6608054ca6fb41048ec23c5662ece766418
SHA256:
6108462843ddb34011edcb2ac8b276563cc041c343f54c5ce6b4a18e891f1af8
SSDeep:
192:Xr14Go3Ar/Y5PJVyCTjEyEeLHLHQFJFjZWblWUxFzJzcKHj3:Xr1XoS/ymCT4yxUFJFEWUxFzvHT
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\DHtmlHeader.html.gоod
|
MD5:
61342bc40d793174c5fbdb0cc5b07973
SHA1:
ac69c6608054ca6fb41048ec23c5662ece766418
SHA256:
6108462843ddb34011edcb2ac8b276563cc041c343f54c5ce6b4a18e891f1af8
SSDeep:
192:Xr14Go3Ar/Y5PJVyCTjEyEeLHLHQFJFjZWblWUxFzJzcKHj3:Xr1XoS/ymCT4yxUFJFEWUxFzvHT
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\DisplayIcon.ico
|
MD5:
83d0536c8fabf4d4666f855c8bda053a
SHA1:
472fedd0c6182c963fdf1c5037a7a1d3787033e9
SHA256:
a0188ba799fc9c1d69cd4b2088c129af096bf43d14243adfe9f5861c104b662d
SSDeep:
1536:/8MwwyqxMQP8ZOs0JOG58d8vo2zYOvvHAj/4/aXj/Nhhg73BVp5vEdx:/8MQ/gB4H8vo2no0/aX7C7Dcn
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\DisplayIcon.ico.gоod
|
MD5:
83d0536c8fabf4d4666f855c8bda053a
SHA1:
472fedd0c6182c963fdf1c5037a7a1d3787033e9
SHA256:
a0188ba799fc9c1d69cd4b2088c129af096bf43d14243adfe9f5861c104b662d
SSDeep:
1536:/8MwwyqxMQP8ZOs0JOG58d8vo2zYOvvHAj/4/aXj/Nhhg73BVp5vEdx:/8MQ/gB4H8vo2no0/aX7C7Dcn
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\Extended\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\Extended\Parameterinfo.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Extended\Parameterinfo.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Extended\UiInfo.xml
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Extended\UiInfo.xml.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\Graphics\Print.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Print.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate1.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate1.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate2.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate2.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate3.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate3.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate4.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate4.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate5.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate5.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate6.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate6.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate7.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate7.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Rotate8.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Rotate8.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Save.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Save.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\Setup.ico
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\Setup.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\stop.ico
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\stop.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\SysReqMet.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\SysReqMet.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\SysReqNotMet.ico
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\SysReqNotMet.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\Graphics\warn.ico
|
-
|
Access, Read, Write, Delete
|
|
C:\588bce7c90097ed212\Graphics\warn.ico.gоod
|
-
|
Access, Create
|
|
C:\588bce7c90097ed212\header.bmp
|
MD5:
f391e1dae367d9b1f08e9a8b150d6556
SHA1:
9f91e738f07e74c999954388c884cff5bf638fb2
SHA256:
8cbaebc94aa0763504c57c8fbabf9ad64a9602e9fe94d9f5529e15704af58d47
SSDeep:
96:lV9RN5iyz+SOGOZX+Xtz/8ZCrlQ5VHpx5kQ:hQyoGOZCRQTj5kQ
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\header.bmp.gоod
|
MD5:
f391e1dae367d9b1f08e9a8b150d6556
SHA1:
9f91e738f07e74c999954388c884cff5bf638fb2
SHA256:
8cbaebc94aa0763504c57c8fbabf9ad64a9602e9fe94d9f5529e15704af58d47
SSDeep:
96:lV9RN5iyz+SOGOZX+Xtz/8ZCrlQ5VHpx5kQ:hQyoGOZCRQTj5kQ
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\588bce7c90097ed212\netfx_Core_x64.msi
|
MD5:
50075d724a9f1bbb21aae19b279f33d5
SHA1:
b7f43f7348d13f2e2a6c577f880531bd4434a77f
SHA256:
eed8f849d4cab5594b7de70ec1e05fb3e544babfc36e09ee7b58ec1dce01a234
SSDeep:
24576:w/zZ6tsNrQpc+BQbPyxbs4rONSnfiPBC6xahsovoMfjhOGxZWxw0H:k6tuQpcxisfQf2M6FGoMLI
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\netfx_Core_x64.msi.gоod
|
MD5:
50075d724a9f1bbb21aae19b279f33d5
SHA1:
b7f43f7348d13f2e2a6c577f880531bd4434a77f
SHA256:
eed8f849d4cab5594b7de70ec1e05fb3e544babfc36e09ee7b58ec1dce01a234
SSDeep:
24576:w/zZ6tsNrQpc+BQbPyxbs4rONSnfiPBC6xahsovoMfjhOGxZWxw0H:k6tuQpcxisfQf2M6FGoMLI
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\netfx_Core_x86.msi
|
MD5:
2dd8103072852198ef75784cb0fff09b
SHA1:
c35511d380ee102590dbdab954346eaf7f98a031
SHA256:
d6479a8cb93705b6cc3670d6e8b92f9c81abb20e04bbdb9cb4620ca413a686e2
SSDeep:
24576:Gf6szx1u6dsNbQXcUwabPx9bswH/fd6pxrL:GfhzxI6d+QXcWDsK1w
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\netfx_Core_x86.msi.gоod
|
MD5:
2dd8103072852198ef75784cb0fff09b
SHA1:
c35511d380ee102590dbdab954346eaf7f98a031
SHA256:
d6479a8cb93705b6cc3670d6e8b92f9c81abb20e04bbdb9cb4620ca413a686e2
SSDeep:
24576:Gf6szx1u6dsNbQXcUwabPx9bswH/fd6pxrL:GfhzxI6d+QXcWDsK1w
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\netfx_Extended_x64.msi
|
MD5:
d904bb84d9bf8974e2ce542f9e543534
SHA1:
4759485f9009e7e80c8e1a40ae8349a9b83e335a
SHA256:
f4a1c4655a4cef66a7790f250919bf60578ef5a021715713a97232e2c3d0cb46
SSDeep:
24576:0/J96doNrQlcqGRpOQSpKiPBD6txBkkkkk5SVh:G6dKQlc4Fc216XmSz
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\netfx_Extended_x64.msi.gоod
|
MD5:
d904bb84d9bf8974e2ce542f9e543534
SHA1:
4759485f9009e7e80c8e1a40ae8349a9b83e335a
SHA256:
f4a1c4655a4cef66a7790f250919bf60578ef5a021715713a97232e2c3d0cb46
SSDeep:
24576:0/J96doNrQlcqGRpOQSpKiPBD6txBkkkkk5SVh:G6dKQlc4Fc216XmSz
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\netfx_Extended_x86.msi
|
MD5:
3e13c94c72cfcbc43b9253ccd616c6ce
SHA1:
e8362a070ba09c0e261748b146785820a99c6d4c
SHA256:
ca20af5fe4e9894e6406ad1bad270cef005ff67996af6cd2afce602e7aa9e272
SSDeep:
6144:4RHfepsrxRrGh/JD6sAOiOk05c+Q+OjUIsLQUIcFxZSBVv+lYjsm6FBQ0ssT5HG:qHfepsrx1GX6sEsNz7QXcFxZ+VhjErm
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\netfx_Extended_x86.msi.gоod
|
MD5:
3e13c94c72cfcbc43b9253ccd616c6ce
SHA1:
e8362a070ba09c0e261748b146785820a99c6d4c
SHA256:
ca20af5fe4e9894e6406ad1bad270cef005ff67996af6cd2afce602e7aa9e272
SSDeep:
6144:4RHfepsrxRrGh/JD6sAOiOk05c+Q+OjUIsLQUIcFxZSBVv+lYjsm6FBQ0ssT5HG:qHfepsrx1GX6sEsNz7QXcFxZ+VhjErm
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\ParameterInfo.xml
|
MD5:
f1c65198c27b2e48700ced64ac16fc12
SHA1:
7d4b7d7e1c7d6ed12e914c76ee7493450171afa6
SHA256:
6cdbbda7c47a051c725822dbd4c749d1337e0382bb2425b4bd7dfe0ee8cf197b
SSDeep:
768:snd66DcFROYoVQTLTQTDFdhaaot6PcbrI1:Q86AFRJoDdhaZI1
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\ParameterInfo.xml.gоod
|
MD5:
f1c65198c27b2e48700ced64ac16fc12
SHA1:
7d4b7d7e1c7d6ed12e914c76ee7493450171afa6
SHA256:
6cdbbda7c47a051c725822dbd4c749d1337e0382bb2425b4bd7dfe0ee8cf197b
SSDeep:
768:snd66DcFROYoVQTLTQTDFdhaaot6PcbrI1:Q86AFRJoDdhaZI1
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\RGB9RAST_x64.msi
|
MD5:
00bb5f2a23c6ec0bfd60e85c5aaa5fd1
SHA1:
144bca9ee0020820685e7a7095b238f61e56a333
SHA256:
4791666f57db3a2e72ad1bf13871ca0cfb0d927035e1c733acc40bc7210d114d
SSDeep:
3072:NZbdgC73Q5H0Un0li+G9A7Kve3Hg5BszizUVQzB7m09g47aEqPNWZKq5uXp0p:Nddgq38l1A7Km3Hg5CzizuE99gVEqiB7
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\RGB9RAST_x64.msi.gоod
|
MD5:
00bb5f2a23c6ec0bfd60e85c5aaa5fd1
SHA1:
144bca9ee0020820685e7a7095b238f61e56a333
SHA256:
4791666f57db3a2e72ad1bf13871ca0cfb0d927035e1c733acc40bc7210d114d
SSDeep:
3072:NZbdgC73Q5H0Un0li+G9A7Kve3Hg5BszizUVQzB7m09g47aEqPNWZKq5uXp0p:Nddgq38l1A7Km3Hg5CzizuE99gVEqiB7
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\RGB9Rast_x86.msi
|
MD5:
0373accb9e943ca91069452c9163ff1a
SHA1:
694e1366cac963011be0834df86811488d069a43
SHA256:
ee7d0e1fd8a7611e8607b8770c21ec38d6672c1e94b35b12356cab8c20f6680e
SSDeep:
1536:boZdWM41picgCjX3QAoHwDHL0fWi0lrmsIjyG9heHApNR3YHaeAHaeees:BZbdgC73Q5H0Un0li+G9AsxqQs
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\RGB9Rast_x86.msi.gоod
|
MD5:
0373accb9e943ca91069452c9163ff1a
SHA1:
694e1366cac963011be0834df86811488d069a43
SHA256:
ee7d0e1fd8a7611e8607b8770c21ec38d6672c1e94b35b12356cab8c20f6680e
SSDeep:
1536:boZdWM41picgCjX3QAoHwDHL0fWi0lrmsIjyG9heHApNR3YHaeAHaeees:BZbdgC73Q5H0Un0li+G9AsxqQs
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\Setup.exe
|
MD5:
2fe9888e8446efaa3670939bff1cf228
SHA1:
1b54dbdbd209c362fc1219958893ecb3d8cc534a
SHA256:
c60ab0bbd38834b3a4a072003532b47feefc80a4cd49c50568847ce45c2769bd
SSDeep:
1536:Y3YNItbBL5NWiiESc0exWZnqxMQP8ZOs0JD9rHUM:Y3YNAB9NWTZctc/gBJ9oM
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\Setup.exe.gоod
|
MD5:
2fe9888e8446efaa3670939bff1cf228
SHA1:
1b54dbdbd209c362fc1219958893ecb3d8cc534a
SHA256:
c60ab0bbd38834b3a4a072003532b47feefc80a4cd49c50568847ce45c2769bd
SSDeep:
1536:Y3YNItbBL5NWiiESc0exWZnqxMQP8ZOs0JD9rHUM:Y3YNAB9NWTZctc/gBJ9oM
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\SetupUi.xsd
|
MD5:
93ab0c4ff11f5a3349bc3a49e2a32f2e
SHA1:
413c3ebbf13da223214e43469be6e39984204c47
SHA256:
4b20989542d4046662188f1a76945a3985e3c994baff5205943c85cb7766209d
SSDeep:
384:zaKWf+13CpJoXXETy26hKaQUwPh7u7l7P7A70mW717u7WiW4WmPH88G2+s+N+5+P:zWG1/ET/chT+cxcW8G2P4oeTMW
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\SetupUi.xsd.gоod
|
MD5:
93ab0c4ff11f5a3349bc3a49e2a32f2e
SHA1:
413c3ebbf13da223214e43469be6e39984204c47
SHA256:
4b20989542d4046662188f1a76945a3985e3c994baff5205943c85cb7766209d
SSDeep:
384:zaKWf+13CpJoXXETy26hKaQUwPh7u7l7P7A70mW717u7WiW4WmPH88G2+s+N+5+P:zWG1/ET/chT+cxcW8G2P4oeTMW
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\SetupUtility.exe
|
MD5:
97893bf3ffc198c496b6dbfd1bfa077a
SHA1:
f6d5d8f24d3639468cc386305747dbb5509d9001
SHA256:
cebcfe9569f0fb4171f5ed2811b99218719c11420edb1feb43d5d25f166522aa
SSDeep:
1536:IM/+59IKI1N74oszIepIJqwlAno0dwRXPuY6zcVcE7OgkT9vs6M4raUZrH9rHUZ:IM/+59hI1NktIemJllRXGYRKEaVM4raN
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\SetupUtility.exe.gоod
|
MD5:
97893bf3ffc198c496b6dbfd1bfa077a
SHA1:
f6d5d8f24d3639468cc386305747dbb5509d9001
SHA256:
cebcfe9569f0fb4171f5ed2811b99218719c11420edb1feb43d5d25f166522aa
SSDeep:
1536:IM/+59IKI1N74oszIepIJqwlAno0dwRXPuY6zcVcE7OgkT9vs6M4raUZrH9rHUZ:IM/+59hI1NktIemJllRXGYRKEaVM4raN
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\SplashScreen.bmp
|
MD5:
e5128c9cc2bbf7926de164962d1d7967
SHA1:
06114d25b6e75e84983960e8672d1e74c3c3510f
SHA256:
52456ffa6a68f17b65cbf41a9102e47cce953c2d8fddd1d22ec22ca5ca8bff79
SSDeep:
384:SZckE/vCDfE26zkgxmJGEsU3pP28+Qq1ms68/tUqHUlHGwM7bwv3ETbFr2:SZcrvCQ2DpoapTbimsqHGE
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\SplashScreen.bmp.gоod
|
MD5:
e5128c9cc2bbf7926de164962d1d7967
SHA1:
06114d25b6e75e84983960e8672d1e74c3c3510f
SHA256:
52456ffa6a68f17b65cbf41a9102e47cce953c2d8fddd1d22ec22ca5ca8bff79
SSDeep:
384:SZckE/vCDfE26zkgxmJGEsU3pP28+Qq1ms68/tUqHUlHGwM7bwv3ETbFr2:SZcrvCQ2DpoapTbimsqHGE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\Strings.xml
|
MD5:
a19ebbe4ccdb90da92f9df504a29ca6d
SHA1:
608a144b18973debc5d7c3bf7d0de9b8dd920378
SHA256:
1d4381c28a26ead33c8605f7a0053cf85cd306ca95c26e87fdc533dfc6bb9633
SSDeep:
384:1y6k24Pu0N66HnRY3vqaqMnYfHHVXIHjfBHwnwXCa+f:1+OqB
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\Strings.xml.gоod
|
MD5:
a19ebbe4ccdb90da92f9df504a29ca6d
SHA1:
608a144b18973debc5d7c3bf7d0de9b8dd920378
SHA256:
1d4381c28a26ead33c8605f7a0053cf85cd306ca95c26e87fdc533dfc6bb9633
SSDeep:
384:1y6k24Pu0N66HnRY3vqaqMnYfHHVXIHjfBHwnwXCa+f:1+OqB
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\UiInfo.xml
|
MD5:
eafb290ac67d44942d9d12cdfb210445
SHA1:
c7f2e7b5cce71dee756baedcf897946f344223dd
SHA256:
8fd0abe334fe1df339b873b73a37b0aa770a6341252d9ef5d63a118754467e8e
SSDeep:
768:zIxEZSusgP7ZgZ/vSguJQvFQXvDINJh6Fmhvk71sO0Nep3UL9Eu+dOtOcOdOjTZX:zI6YuTPuZXQYQLIN/6Fmhvk71sO0NepS
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\UiInfo.xml.gоod
|
MD5:
eafb290ac67d44942d9d12cdfb210445
SHA1:
c7f2e7b5cce71dee756baedcf897946f344223dd
SHA256:
8fd0abe334fe1df339b873b73a37b0aa770a6341252d9ef5d63a118754467e8e
SSDeep:
768:zIxEZSusgP7ZgZ/vSguJQvFQXvDINJh6Fmhvk71sO0Nep3UL9Eu+dOtOcOdOjTZX:zI6YuTPuZXQYQLIN/6Fmhvk71sO0NepS
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\588bce7c90097ed212\watermark.bmp
|
MD5:
2d61de036acfa58815a429821550fa19
SHA1:
4900eb0cb96310ce823c4510732af453b026a256
SHA256:
2a6019d1b95c6fd3207e97fa4d76919ee28a913a82b875713d35bf2c034a98a7
SSDeep:
768:XCJbKZKUpOeBmAj72KbvEvffvCv7cTIMUHuRzHA8X9H51T9ho4xw7CgBl:XaKZKULmAfbvEv47cIHzE9vo4SuUl
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\588bce7c90097ed212\watermark.bmp.gоod
|
MD5:
2d61de036acfa58815a429821550fa19
SHA1:
4900eb0cb96310ce823c4510732af453b026a256
SHA256:
2a6019d1b95c6fd3207e97fa4d76919ee28a913a82b875713d35bf2c034a98a7
SSDeep:
768:XCJbKZKUpOeBmAj72KbvEvffvCv7cTIMUHuRzHA8X9H51T9ho4xw7CgBl:XaKZKULmAfbvEv47cIHzE9vo4SuUl
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\BCD
|
-
|
Access
|
|
C:\Boot\BCD.LOG
|
-
|
Access
|
|
C:\Boot\bg-BG\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\bg-BG\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\BOOTSTAT.DAT
|
MD5:
bb3b292a034195fa197394b4693f6111
SHA1:
5f42eb6495a17827f19fe0b31381d8d29d1aa9e0
SHA256:
49d8567ab1590a3e38e7a90509e9633db9215218fcdf4f267a92fc0a9a0f2340
SSDeep:
96:4Wo9Q1msMrxjFjPEA9zKIsphibHOujA1+9v/sk86Flsg5eGEidYy:gJsCjhMySw5skcg5LEidL
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Boot\BOOTSTAT.DAT.gоod
|
MD5:
bb3b292a034195fa197394b4693f6111
SHA1:
5f42eb6495a17827f19fe0b31381d8d29d1aa9e0
SHA256:
49d8567ab1590a3e38e7a90509e9633db9215218fcdf4f267a92fc0a9a0f2340
SSDeep:
96:4Wo9Q1msMrxjFjPEA9zKIsphibHOujA1+9v/sk86Flsg5eGEidYy:gJsCjhMySw5skcg5LEidL
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\cs-CZ\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\cs-CZ\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\cs-CZ\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\da-DK\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\da-DK\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\da-DK\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\de-DE\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\de-DE\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\de-DE\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\el-GR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\el-GR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\el-GR\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\en-GB\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\en-GB\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\en-US\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\en-US\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\en-US\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\es-ES\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\es-ES\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\es-ES\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\es-MX\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\es-MX\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\et-EE\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\et-EE\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\fi-FI\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\fi-FI\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\fi-FI\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\Fonts\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\fr-CA\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\fr-CA\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\fr-FR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\fr-FR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\fr-FR\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\hr-HR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\hr-HR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\hu-HU\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\hu-HU\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\hu-HU\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\it-IT\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\it-IT\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\it-IT\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\ja-JP\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\ja-JP\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Read, Write
|
Dropped File
|
C:\Boot\ja-JP\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\ko-KR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\ko-KR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\ko-KR\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\lt-LT\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\lt-LT\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\lv-LV\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\lv-LV\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\memtest.exe
|
-
|
Access
|
|
C:\Boot\nb-NO\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\nb-NO\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\nb-NO\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\nl-NL\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\nl-NL\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\nl-NL\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\pl-PL\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\pl-PL\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\pl-PL\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\pt-BR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\pt-BR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\pt-BR\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\pt-PT\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\pt-PT\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Boot\pt-PT\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\qps-ploc\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\qps-ploc\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\qps-ploc\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\Resources\en-US\bootres.dll.mui
|
-
|
Access
|
|
C:\Boot\Resources\en-US\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\Resources\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\ro-RO\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\ro-RO\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\ru-RU\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\ru-RU\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\ru-RU\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\sk-SK\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\sk-SK\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\sl-SI\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\sl-SI\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\sr-Latn-CS\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\sr-Latn-CS\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\sr-Latn-CS\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\sr-Latn-RS\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\sr-Latn-RS\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\sv-SE\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\sv-SE\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\sv-SE\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\tr-TR\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\tr-TR\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\tr-TR\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\uk-UA\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\uk-UA\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\updaterevokesipolicy.p7b
|
-
|
Access
|
|
C:\Boot\zh-CN\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\zh-CN\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\zh-CN\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\zh-HK\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\zh-HK\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\zh-HK\memtest.exe.mui
|
-
|
Access
|
|
C:\Boot\zh-TW\bootmgr.exe.mui
|
-
|
Access
|
|
C:\Boot\zh-TW\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Boot\zh-TW\memtest.exe.mui
|
-
|
Access
|
|
C:\bootmgr
|
-
|
Access
|
|
C:\BOOTNXT
|
-
|
Access, Create, Read
|
|
C:\BOOTSECT.BAK
|
-
|
Access
|
|
C:\Documents and Settings\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\ESD\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Logs\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\PerfLogs\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\1494870C-9912-C184-4CC9-B401-A53F4D8DE290.pdf
|
MD5:
cf9fc500cf3327bdb8927ff8382fb902
SHA1:
1aabe40fb7e0db918cdae8ddfe7157fb8f373066
SHA256:
84e0b8e6c234d18f26114c1c3d927f407cc278631d73213033179e0511c19e02
SSDeep:
3072:nLwils1MS60xwZODn/TJTHuX2T/5/dGc4uka2AtSyNLMDTJ5MtvVmbvx:nL/ls1b60zbJTuXa5McZd2At7mJ5Muzx
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\1494870C-9912-C184-4CC9-B401-A53F4D8DE290.pdf.gоod
|
MD5:
cf9fc500cf3327bdb8927ff8382fb902
SHA1:
1aabe40fb7e0db918cdae8ddfe7157fb8f373066
SHA256:
84e0b8e6c234d18f26114c1c3d927f407cc278631d73213033179e0511c19e02
SSDeep:
3072:nLwils1MS60xwZODn/TJTHuX2T/5/dGc4uka2AtSyNLMDTJ5MtvVmbvx:nL/ls1b60zbJTuXa5McZd2At7mJ5Muzx
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\ENU\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroApp\HOW_TO_RECOVER_FILES.txt
|
MD5:
c25e52e180ed143127434f7ff3551897
SHA1:
e76c671e886b7f02c5659db3ca7198f1f6236bca
SHA256:
58a5d6fa67f443c45693cd504d52de95162bbcbed1acf8ce1b228f83d0192f28
SSDeep:
24:FE4rVP01jhs7O/kQEX2HtKo/nR3rOeoz41QpwRLF9RSc3LYCkoPQwWRDdav:15MhDwoPRryz4ipOPIc3sCkoPqDMv
ImpHash:
None
|
Access, Create, Write
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe
|
MD5:
6faf33feb39bb9ddda0c76d9b150e88b
SHA1:
bba153e3cd4b11af501dacdb52acd6a93a67660d
SHA256:
c4744e4d0b9352b217eee6976a38b6f2c75e4d19280003891523903bee9d3464
SSDeep:
6144:eZe8PFjiY/V8rex+E9sy8nqGaoSFC20vdU:eckjiY/Gre2MoEH
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroBroker.exe.gоod
|
MD5:
6faf33feb39bb9ddda0c76d9b150e88b
SHA1:
bba153e3cd4b11af501dacdb52acd6a93a67660d
SHA256:
c4744e4d0b9352b217eee6976a38b6f2c75e4d19280003891523903bee9d3464
SSDeep:
6144:eZe8PFjiY/V8rex+E9sy8nqGaoSFC20vdU:eckjiY/Gre2MoEH
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef.pak
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef.pak.gоod
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_100_percent.pak
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_100_percent.pak.gоod
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_200_percent.pak
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_200_percent.pak.gоod
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_extensions.pak
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_extensions.pak.gоod
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\COPYING.LGPLv2.1.txt
|
MD5:
83987af08fc1792c60d043d017104176
SHA1:
0adfc7ab8c1cf0bd1174a1b766fa0ccefc5a37b3
SHA256:
971cb4788343c36926522dbb929bd341fff752f104e0507e3ec783f549a5024b
SSDeep:
384:m4c7vlmpMaBZN018X6sT6AATeINgKP+nHQ41fgcmmItyOQeM9YfWEJZBfuod:Evgpm8OTeDnLqFXTflJZBfuod
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\COPYING.LGPLv2.1.txt.gоod
|
MD5:
83987af08fc1792c60d043d017104176
SHA1:
0adfc7ab8c1cf0bd1174a1b766fa0ccefc5a37b3
SHA256:
971cb4788343c36926522dbb929bd341fff752f104e0507e3ec783f549a5024b
SSDeep:
384:m4c7vlmpMaBZN018X6sT6AATeINgKP+nHQ41fgcmmItyOQeM9YfWEJZBfuod:Evgpm8OTeDnLqFXTflJZBfuod
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\icudtl.dat.gоod
|
MD5:
0e1d5e3fe2004567d37a0b7d17629fd9
SHA1:
ad1a294e38d8b313aec18d7ddf202d00bff8b7ef
SHA256:
a46756499d0eae2256366be0598c6c722339a312c7ee7b8b0d6b4d9e89d0a85f
SSDeep:
3:a2s+R:bnR
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\LICENSE.txt
|
MD5:
9611b07265cf01f89b9039175bdf9da7
SHA1:
2e2be3bb30062583b48f7193443ebf33cf37c61a
SHA256:
b67dbe234279d7f152f2b020682ac3c3280523fbbfcdd7f4b5e61a9d17c19314
SSDeep:
24:TnMmuVO7byAdf1JtGcT1ig7dKGv2YhhQYLmZfwZltfi1ZvClvNf/P13dQTUM3WhQ:D8O7byANHtGcpiq1XyZs7NfHB/Mmn8B
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\LICENSE.txt.gоod
|
MD5:
9611b07265cf01f89b9039175bdf9da7
SHA1:
2e2be3bb30062583b48f7193443ebf33cf37c61a
SHA256:
b67dbe234279d7f152f2b020682ac3c3280523fbbfcdd7f4b5e61a9d17c19314
SSDeep:
24:TnMmuVO7byAdf1JtGcT1ig7dKGv2YhhQYLmZfwZltfi1ZvClvNf/P13dQTUM3WhQ:D8O7byANHtGcpiq1XyZs7NfHB/Mmn8B
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\en-US.pak
|
-
|
Access, Create, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\en-US.pak.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\locales\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\natives_blob.bin
|
-
|
Access, Create, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\natives_blob.bin.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\snapshot_blob.bin
|
-
|
Access, Create, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\snapshot_blob.bin.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
MD5:
cba6fc8018b7b0f18fbaafacc4c9a3c2
SHA1:
a50d53652c3375f30cdf7cca6c09e23b0aaffd1c
SHA256:
7d82d6176b6914aeeae0cb0d7a271ad11f253ee10b9c72d5055bec102cad817f
SSDeep:
49152:fmLYIuXm8GNHxyyVn2W4z17A6wz8f4O8b8ITDnlVP80iiN:fPwPHF2Wy17GPF
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.gоod
|
MD5:
cba6fc8018b7b0f18fbaafacc4c9a3c2
SHA1:
a50d53652c3375f30cdf7cca6c09e23b0aaffd1c
SHA256:
7d82d6176b6914aeeae0cb0d7a271ad11f253ee10b9c72d5055bec102cad817f
SSDeep:
49152:fmLYIuXm8GNHxyyVn2W4z17A6wz8f4O8b8ITDnlVP80iiN:fPwPHF2Wy17GPF
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32Info.exe
|
MD5:
84ccb6f97bd6a74017e7765c88ca42be
SHA1:
989dace617c8b445fe71bdab9041db61674e066a
SHA256:
9b0dc708586ef4cd53a9ee876e4fa3b323d0940f27f3502bef8ba10052eba515
SSDeep:
768:YS1UCcPMp0yqRFBD9LgnFzEyHakK80uBF3whE:YS1f2Mp0BPxa57a20aFghE
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32Info.exe.gоod
|
MD5:
84ccb6f97bd6a74017e7765c88ca42be
SHA1:
989dace617c8b445fe71bdab9041db61674e066a
SHA256:
9b0dc708586ef4cd53a9ee876e4fa3b323d0940f27f3502bef8ba10052eba515
SSDeep:
768:YS1UCcPMp0yqRFBD9LgnFzEyHakK80uBF3whE:YS1f2Mp0BPxa57a20aFghE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe
|
MD5:
464f966d4b2c4c9dad68536cc487c1b7
SHA1:
7c984540c781f7cfac6da92531687a6a704f5039
SHA256:
81df0a4a88eab57d7d8b8377dc4a4ac766999583b73b8088575e2df9b5ccf0f7
SSDeep:
768:COvSAW7C/sqNhZcGGTA6VPdzGEbJOaNmyZk3E0zwhWZ6r63wh1:XSAW7C/RNhZcGWdz7vHuhwhe62gh1
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroTextExtractor.exe.gоod
|
MD5:
464f966d4b2c4c9dad68536cc487c1b7
SHA1:
7c984540c781f7cfac6da92531687a6a704f5039
SHA256:
81df0a4a88eab57d7d8b8377dc4a4ac766999583b73b8088575e2df9b5ccf0f7
SSDeep:
768:COvSAW7C/sqNhZcGGTA6VPdzGEbJOaNmyZk3E0zwhWZ6r63wh1:XSAW7C/RNhZcGWdz7vHuhwhe62gh1
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe
|
MD5:
e86f42b21d7ef94605928031222ed9a5
SHA1:
d2316042dd34df58f13b0b0a2e2c82c20e14ae6b
SHA256:
8b1b66af4babc9b95f995769c8918ca223b20e0b77818382702bf9ea8754d630
SSDeep:
3072:/XAceGl1aZbAdVTCcv/7VjFgg6Db4fcIJ1L2CgLxrUm:ObAzxv/7VP6PrggLxD
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ADelRCP.exe.gоod
|
MD5:
e86f42b21d7ef94605928031222ed9a5
SHA1:
d2316042dd34df58f13b0b0a2e2c82c20e14ae6b
SHA256:
8b1b66af4babc9b95f995769c8918ca223b20e0b77818382702bf9ea8754d630
SSDeep:
3072:/XAceGl1aZbAdVTCcv/7VjFgg6Db4fcIJ1L2CgLxrUm:ObAzxv/7VP6PrggLxD
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
|
MD5:
58679df4fa70ddcf269cd7860525d755
SHA1:
fbc572fbf3702a250bfc5395fd82f0c377cc8ca1
SHA256:
a749a368d61d94a40a2193f0da1422a9e9072c4ac67fd4554ef4617fd4103b6e
SSDeep:
12288:nOqkbALY1XWxkESzG/R3+vTK9SG2nL4tDTgcQzl0e4E5RUj3rXM13cl/o7:nOqhYIx+chP4dnLMDT0B0e4AYT1Q
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe.gоod
|
MD5:
58679df4fa70ddcf269cd7860525d755
SHA1:
fbc572fbf3702a250bfc5395fd82f0c377cc8ca1
SHA256:
a749a368d61d94a40a2193f0da1422a9e9072c4ac67fd4554ef4617fd4103b6e
SSDeep:
12288:nOqkbALY1XWxkESzG/R3+vTK9SG2nL4tDTgcQzl0e4E5RUj3rXM13cl/o7:nOqhYIx+chP4dnLMDT0B0e4AYT1Q
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\arh.exe
|
MD5:
f34858dc1ec0c55ec27aca3f457ca1d3
SHA1:
5aef4f4806677acbba4f84bb1101264071f5422c
SHA256:
faab830058d49c8b1e563bc38295bb758fab4da57a6e18c41007fbc8d3c19d4d
SSDeep:
1536:mTfN/XDyO4zkm8dbHVLokF8iJTwRH0IM2D57Kykf8d/R8Tyr5J5is7MQ:i5Mzkm8PL3E7Qw/STyr5Jks7MQ
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\arh.exe.gоod
|
MD5:
f34858dc1ec0c55ec27aca3f457ca1d3
SHA1:
5aef4f4806677acbba4f84bb1101264071f5422c
SHA256:
faab830058d49c8b1e563bc38295bb758fab4da57a6e18c41007fbc8d3c19d4d
SSDeep:
1536:mTfN/XDyO4zkm8dbHVLokF8iJTwRH0IM2D57Kykf8d/R8Tyr5J5is7MQ:i5Mzkm8PL3E7Qw/STyr5Jks7MQ
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\manifest.json
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\manifest.json.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Click on 'Change' to select default PDF handler.pdf
|
MD5:
cf9fc500cf3327bdb8927ff8382fb902
SHA1:
1aabe40fb7e0db918cdae8ddfe7157fb8f373066
SHA256:
84e0b8e6c234d18f26114c1c3d927f407cc278631d73213033179e0511c19e02
SSDeep:
3072:nLwils1MS60xwZODn/TJTHuX2T/5/dGc4uka2AtSyNLMDTJ5MtvVmbvx:nL/ls1b60zbJTuXa5McZd2At7mJ5Muzx
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Click on 'Change' to select default PDF handler.pdf.gоod
|
MD5:
cf9fc500cf3327bdb8927ff8382fb902
SHA1:
1aabe40fb7e0db918cdae8ddfe7157fb8f373066
SHA256:
84e0b8e6c234d18f26114c1c3d927f407cc278631d73213033179e0511c19e02
SSDeep:
3072:nLwils1MS60xwZODn/TJTHuX2T/5/dGc4uka2AtSyNLMDTJ5MtvVmbvx:nL/ls1b60zbJTuXa5McZd2At7mJ5Muzx
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Eula.exe
|
MD5:
b1e3550576b52c9e57b184eb3eeb534e
SHA1:
b2351f6b09ac8d7e2233056cc3c1e0854cc633b1
SHA256:
0b4387179c982219dee779312df64d819b614d678876fe25c6a0f34f7ed0b30b
SSDeep:
1536:Y2HIbScYYEbptHwIToBaALeq9p/qqqEHk9JIx40zrdp9+4owckM3KyjO9zVIbF/k:Y2obvYYEbptQMMLeL4H4JItzrdp9jc58
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Eula.exe.gоod
|
MD5:
b1e3550576b52c9e57b184eb3eeb534e
SHA1:
b2351f6b09ac8d7e2233056cc3c1e0854cc633b1
SHA256:
0b4387179c982219dee779312df64d819b614d678876fe25c6a0f34f7ed0b30b
SSDeep:
1536:Y2HIbScYYEbptHwIToBaALeq9p/qqqEHk9JIx40zrdp9+4owckM3KyjO9zVIbF/k:Y2obvYYEbptQMMLeL4H4JItzrdp9jc58
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\AdobeID.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\AdobeID.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\DefaultID.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\DefaultID.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\ENU\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\JSByteCodeWin.bin
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Javascripts\JSByteCodeWin.bin.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\license.html
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\ENU\license.html.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Legal\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\en_US\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Locale\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe
|
MD5:
7c268d22328b9a85f87007280243519b
SHA1:
d35cee9cd0d7ddfeb4fe49be8061018643a747a0
SHA256:
e9b954ed47c525eedd82b353193520d2cf9bd66de76770a2c728c71ad826517f
SSDeep:
6144:WRsrJ3n0dK2NP0RHx8D98WTBPW8fF8oABm1nKd:WqwKhHSDeWTRW8fdebd
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe.gоod
|
MD5:
7c268d22328b9a85f87007280243519b
SHA1:
d35cee9cd0d7ddfeb4fe49be8061018643a747a0
SHA256:
e9b954ed47c525eedd82b353193520d2cf9bd66de76770a2c728c71ad826517f
SSDeep:
6144:WRsrJ3n0dK2NP0RHx8D98WTBPW8fF8oABm1nKd:WqwKhHSDeWTRW8fdebd
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\PDFSigQFormalRep.pdf
|
MD5:
cb615db54a0fc0f0a7a92d4f93d0df13
SHA1:
ce1c7839f6c454950bd093d1f98554486bef1b81
SHA256:
a409fad8696787261187d99bf42cedfe9132b60890143ac4ad6357973b119f8c
SSDeep:
12288:dwvEbwosc3h+N8hcBk5/732yYLmAQktFgn/AURkOZo8KYCqt6YSAaEM+ZS3VO6sZ:dwkYnHN+/3H
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\PDFSigQFormalRep.pdf.gоod
|
MD5:
cb615db54a0fc0f0a7a92d4f93d0df13
SHA1:
ce1c7839f6c454950bd093d1f98554486bef1b81
SHA256:
a409fad8696787261187d99bf42cedfe9132b60890143ac4ad6357973b119f8c
SSDeep:
12288:dwvEbwosc3h+N8hcBk5/732yYLmAQktFgn/AURkOZo8KYCqt6YSAaEM+ZS3VO6sZ:dwkYnHN+/3H
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\MyriadCAD.otf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins3d\prc\MyriadCAD.otf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Accessibility.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Accessibility.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\adobepdf.xdc
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\adobepdf.xdc.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm\PMP\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\Words.pdf
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annotations\Stamps\Words.pdf.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annots.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annots.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Checkers.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Checkers.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DigSig.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DigSig.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DropboxStorage.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DropboxStorage.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DVA.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\DVA.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\eBook.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\eBook.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\EScript.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\EScript.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\IA32.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\IA32.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\MakeAccessible.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\MakeAccessible.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\PDDom.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\PDDom.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\HOW_TO_RECOVER_FILES.txt
|
-
|
Access, Create, Write
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\PPKLite.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\PPKLite.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\ReadOutLoud.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\ReadOutLoud.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\reflow.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\reflow.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\SaveAsRTF.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\SaveAsRTF.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Search.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Search.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\SendMail.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\SendMail.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Spelling.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Spelling.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\StorageConnectors.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\StorageConnectors.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Updater.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Updater.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\weblink.api
|
-
|
Access, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\weblink.api.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\pmd.cer
|
MD5:
3e00a2d0ced01639d7ec2d46104a1f50
SHA1:
204f2a4ae397635728b66d41fa26960f3fe964e7
SHA256:
1fb8f58748dfe0e4766aab25c4fc1428aa337c556235ae6f392a0bfadd10fe52
SSDeep:
6:WZ/ZmFAW7AD32v11ozNiAGi+Jc+FuUjhHAW13ruANGxRIX36hUIpD3b75RhaLsRl:WnCaDmvEYmKgW1azm6zp5RM7Fm
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\pmd.cer.gоod
|
MD5:
3e00a2d0ced01639d7ec2d46104a1f50
SHA1:
204f2a4ae397635728b66d41fa26960f3fe964e7
SHA256:
1fb8f58748dfe0e4766aab25c4fc1428aa337c556235ae6f392a0bfadd10fe52
SSDeep:
6:WZ/ZmFAW7AD32v11ozNiAGi+Jc+FuUjhHAW13ruANGxRIX36hUIpD3b75RhaLsRl:WnCaDmvEYmKgW1azm6zp5RM7Fm
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
|
MD5:
a397bfb63717325c20bf1bab4a838d8a
SHA1:
6e568c256dffa8eaaf2f9679796601926c553382
SHA256:
944be3e08846fb994d3c6ca26e45076ed80777a0848f897431b7a5b5b48480f0
SSDeep:
768:PLFjr7QTanFOI9/ScWkPAG51JFPXdLbZmscCWvy3ELTibwjh3Ddg7ocAhQ:PLNr7SUL9sG/ZEs2g7bwjh367/AhQ
ImpHash:
None
|
Access, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe.gоod
|
MD5:
a397bfb63717325c20bf1bab4a838d8a
SHA1:
6e568c256dffa8eaaf2f9679796601926c553382
SHA256:
944be3e08846fb994d3c6ca26e45076ed80777a0848f897431b7a5b5b48480f0
SSDeep:
768:PLFjr7QTanFOI9/ScWkPAG51JFPXdLbZmscCWvy3ELTibwjh3Ddg7ocAhQ:PLNr7SUL9sG/ZEs2g7bwjh367/AhQ
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\RTC.der
|
MD5:
5e591da44d2f0e83677cef2d44cd69c8
SHA1:
f6ac41298fe34d53902b18b666ef86bf28d7c79c
SHA256:
5d29b67e98d7b5d4e41340d7a326a3a59473fb6b4bd883a526d0017981f690cd
SSDeep:
24:Ku3fwo1NUThutyFgjdBXWgA4bZY8e5sZvCoHttq3jYl:33YoXUT5SjGgJb2h5sZvCfjE
ImpHash:
None
|
Access, Create, Read, Write, Delete
|
Modified File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\RTC.der.gоod
|
MD5:
5e591da44d2f0e83677cef2d44cd69c8
SHA1:
f6ac41298fe34d53902b18b666ef86bf28d7c79c
SHA256:
5d29b67e98d7b5d4e41340d7a326a3a59473fb6b4bd883a526d0017981f690cd
SSDeep:
24:Ku3fwo1NUThutyFgjdBXWgA4bZY8e5sZvCoHttq3jYl:33YoXUT5SjGgJb2h5sZvCfjE
ImpHash:
None
|
Access, Create
|
Dropped File
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\add_reviewer.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\add_reviewer.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\bl.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\bl.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\br.gif
|
-
|
Access, Create, Read, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\br.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\create_form.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\create_form.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\distribute_form.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\distribute_form.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\email_all.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\email_all.gif.gоod
|
-
|
Access, Create
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\email_initiator.gif
|
-
|
Access, Create, Read, Write, Delete
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Tracker\email_initiator.gif.gоod
|
-
|
Access, Create
|
|
For performance reasons, the remaining 6579 entries are omitted.
The remaining entries can be found in
ioc_export.txt
or
ioc_export.json
.
|