93986d4e88a8c12ff6844cb508223379756d44f9f8762e3298ef5a5c657a6dc4 (SHA256)
GlobalHack[RUEUNAVN][17.02.2019] .exe
Windows Exe (x86-32)
Created at 2019-02-17 13:35:00
Monitored Processes
Behavior Information - Grouped by Category
Process #1: globalhack[rueunavn][17.02.2019] .exe
2013
1359
| Information | Value |
|---|---|
| ID | #1 |
| File Name | c:\users\ciihmnxmn6ps\desktop\globalhack[rueunavn][17.02.2019] .exe |
| Command Line | "C:\Users\CIiHmnxMn6Ps\Desktop\GlobalHack[RUEUNAVN][17.02.2019] .exe" |
| Initial Working Directory | C:\Users\CIiHmnxMn6Ps\Desktop\ |
| Monitor | Start Time: 00:00:37, Reason: Analysis Target |
| Unmonitor | End Time: 00:04:47, Reason: Terminated by Timeout |
| Monitor Duration | 00:04:10 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xe10 |
| Parent PID | 0x57c (c:\windows\explorer.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | LHNIWSJ\CIiHmnxMn6Ps |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
E14
0x
E18
0x
E1C
0x
E20
0x
E28
0x
E58
0x
E5C
0x
EE8
0x
FEC
0x
548
0x
804
0x
270
0x
6D0
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | rw |
|
|
|
- |
| private_0x0000000000020000 | 0x00020000 | 0x00023fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000000030000 | 0x00030000 | 0x00031fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000000030000 | 0x00030000 | 0x00030fff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00053fff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x0000000000060000 | 0x00060000 | 0x0009ffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000000a0000 | 0x000a0000 | 0x0019ffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x00000000001a0000 | 0x001a0000 | 0x001a3fff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x00000000001b0000 | 0x001b0000 | 0x001b1fff | Private Memory | rw |
|
|
|
- |
| locale.nls | 0x001c0000 | 0x0027dfff | Memory Mapped File | r |
|
|
|
- |
| private_0x0000000000280000 | 0x00280000 | 0x002bffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000002c0000 | 0x002c0000 | 0x002c0fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000002d0000 | 0x002d0000 | 0x002dffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000002e0000 | 0x002e0000 | 0x003dffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x00000000003e0000 | 0x003e0000 | 0x003e0fff | Pagefile Backed Memory | rw |
|
|
|
- |
| counters.dat | 0x003f0000 | 0x003f0fff | Memory Mapped File | rw |
|
|
|
|
| globalhack[rueunavn][17.02.2019] .exe | 0x00400000 | 0x0048efff | Memory Mapped File | rwx |
|
|
|
|
| private_0x0000000000490000 | 0x00490000 | 0x004cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000004d0000 | 0x004d0000 | 0x0050ffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000000510000 | 0x00510000 | 0x0051ffff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x0000000000520000 | 0x00520000 | 0x0055ffff | Private Memory | rw |
|
|
|
- |
| private_0x0000000000560000 | 0x00560000 | 0x0065ffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000000660000 | 0x00660000 | 0x007e7fff | Pagefile Backed Memory | r |
|
|
|
- |
| pagefile_0x00000000007f0000 | 0x007f0000 | 0x00970fff | Pagefile Backed Memory | r |
|
|
|
- |
| pagefile_0x0000000000980000 | 0x00980000 | 0x00980fff | Pagefile Backed Memory | rw |
|
|
|
- |
| pagefile_0x0000000000990000 | 0x00990000 | 0x00991fff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x00000000009a0000 | 0x009a0000 | 0x009affff | Private Memory | rw |
|
|
|
- |
| pagefile_0x00000000009b0000 | 0x009b0000 | 0x01daffff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x0000000001db0000 | 0x01db0000 | 0x01e8ffff | Private Memory | rw |
|
|
|
- |
| mswsock.dll.mui | 0x01db0000 | 0x01db2fff | Memory Mapped File | r |
|
|
|
- |
| pagefile_0x0000000001dc0000 | 0x01dc0000 | 0x01dc1fff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x0000000001dd0000 | 0x01dd0000 | 0x01dd3fff | Private Memory | rw |
|
|
|
- |
| tzres.dll | 0x01de0000 | 0x01de2fff | Memory Mapped File | r |
|
|
|
- |
| c_20127.nls | 0x01de0000 | 0x01df0fff | Memory Mapped File | r |
|
|
|
- |
| tzres.dll.mui | 0x01df0000 | 0x01df8fff | Memory Mapped File | r |
|
|
|
- |
| private_0x0000000001e00000 | 0x01e00000 | 0x01e0ffff | Private Memory | rw |
|
|
|
- |
| private_0x0000000001e00000 | 0x01e00000 | 0x01e13fff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000001e00000 | 0x01e00000 | 0x01e07fff | Pagefile Backed Memory | rw |
|
|
|
- |
| private_0x0000000001e00000 | 0x01e00000 | 0x01e3ffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x0000000001e20000 | 0x01e20000 | 0x01e27fff | Pagefile Backed Memory | rw |
|
|
|
- |
| private_0x0000000001e40000 | 0x01e40000 | 0x01e7ffff | Private Memory | rw |
|
|
|
- |
| private_0x0000000001e80000 | 0x01e80000 | 0x01e8ffff | Private Memory | rw |
|
|
|
- |
| private_0x0000000001e90000 | 0x01e90000 | 0x01f8ffff | Private Memory | rw |
|
|
|
- |
| sortdefault.nls | 0x01f90000 | 0x022c6fff | Memory Mapped File | r |
|
|
|
- |
| private_0x00000000022d0000 | 0x022d0000 | 0x023cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000023d0000 | 0x023d0000 | 0x024cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000024d0000 | 0x024d0000 | 0x025cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000025d0000 | 0x025d0000 | 0x027cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x0285efff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x0286efff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x0288cfff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x02899fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028b6fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028b9fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028d7fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028f1fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028fafff | Private Memory | rw |
|
|
|
- |
| private_0x00000000027d0000 | 0x027d0000 | 0x028cffff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002860000 | 0x02860000 | 0x028f4fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002870000 | 0x02870000 | 0x02914fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002890000 | 0x02890000 | 0x02953fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000028a0000 | 0x028a0000 | 0x02970fff | Private Memory | rw |
|
|
|
- |
| private_0x00000000028c0000 | 0x028c0000 | 0x029aefff | Private Memory | rw |
|
|
|
- |
| private_0x00000000028c0000 | 0x028c0000 | 0x029bbfff | Private Memory | rw |
|
|
|
- |
| private_0x00000000028d0000 | 0x028d0000 | 0x029cffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000028e0000 | 0x028e0000 | 0x029f6fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002900000 | 0x02900000 | 0x02998fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002900000 | 0x02900000 | 0x02a22fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002900000 | 0x02900000 | 0x02a37fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002920000 | 0x02920000 | 0x029c8fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002960000 | 0x02960000 | 0x02a2bfff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002980000 | 0x02980000 | 0x02a5ffff | Private Memory | rw |
|
|
|
- |
| private_0x00000000029c0000 | 0x029c0000 | 0x02abdfff | Private Memory | rw |
|
|
|
- |
| ucrtbase.dll | 0x029d0000 | 0x02aabfff | Memory Mapped File | rwx |
|
|
|
- |
| c-shm | 0x029e0000 | 0x029e7fff | Memory Mapped File | rw |
|
|
|
|
| private_0x0000000002a00000 | 0x02a00000 | 0x02b1dfff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002a40000 | 0x02a40000 | 0x02b74fff | Private Memory | rw |
|
|
|
- |
| private_0x0000000002ab0000 | 0x02ab0000 | 0x02baffff | Private Memory | rw |
|
|
|
- |
| wow64cpu.dll | 0x5baa0000 | 0x5baa7fff | Memory Mapped File | rwx |
|
|
|
- |
| wow64win.dll | 0x5bab0000 | 0x5bb22fff | Memory Mapped File | rwx |
|
|
|
- |
| wow64.dll | 0x5bb30000 | 0x5bb7efff | Memory Mapped File | rwx |
|
|
|
- |
| msvcp140.dll | 0x73510000 | 0x73580fff | Memory Mapped File | rwx |
|
|
|
- |
| dbghelp.dll | 0x73590000 | 0x736cefff | Memory Mapped File | rwx |
|
|
|
- |
| winmmbase.dll | 0x736d0000 | 0x736f2fff | Memory Mapped File | rwx |
|
|
|
- |
| version.dll | 0x73700000 | 0x73707fff | Memory Mapped File | rwx |
|
|
|
- |
| ucrtbase.dll | 0x73710000 | 0x737ebfff | Memory Mapped File | rwx |
|
|
|
- |
| vcruntime140.dll | 0x737f0000 | 0x73804fff | Memory Mapped File | rwx |
|
|
|
- |
| wsock32.dll | 0x73810000 | 0x73817fff | Memory Mapped File | rwx |
|
|
|
- |
| winmm.dll | 0x73820000 | 0x73843fff | Memory Mapped File | rwx |
|
|
|
- |
| mozglue.dll | 0x73850000 | 0x73873fff | Memory Mapped File | rwx |
|
|
|
|
| nss3.dll | 0x73880000 | 0x739b3fff | Memory Mapped File | rwx |
|
|
|
|
| comctl32.dll | 0x739c0000 | 0x73bc8fff | Memory Mapped File | rwx |
|
|
|
- |
| bcrypt.dll | 0x73bd0000 | 0x73beafff | Memory Mapped File | rwx |
|
|
|
- |
| fwpuclnt.dll | 0x73bf0000 | 0x73c35fff | Memory Mapped File | rwx |
|
|
|
- |
| rasadhlp.dll | 0x73c40000 | 0x73c47fff | Memory Mapped File | rwx |
|
|
|
- |
| urlmon.dll | 0x73c50000 | 0x73daffff | Memory Mapped File | rwx |
|
|
|
- |
| dnsapi.dll | 0x73db0000 | 0x73e33fff | Memory Mapped File | rwx |
|
|
|
- |
| mswsock.dll | 0x73e40000 | 0x73e8dfff | Memory Mapped File | rwx |
|
|
|
- |
| winhttp.dll | 0x73e90000 | 0x73f36fff | Memory Mapped File | rwx |
|
|
|
- |
| winnsi.dll | 0x73f40000 | 0x73f47fff | Memory Mapped File | rwx |
|
|
|
- |
| iphlpapi.dll | 0x73f50000 | 0x73f7ffff | Memory Mapped File | rwx |
|
|
|
- |
| ondemandconnroutehelper.dll | 0x73f80000 | 0x73f90fff | Memory Mapped File | rwx |
|
|
|
- |
| iertutil.dll | 0x73fa0000 | 0x74260fff | Memory Mapped File | rwx |
|
|
|
- |
| gdiplus.dll | 0x74270000 | 0x743dafff | Memory Mapped File | rwx |
|
|
|
- |
| wininet.dll | 0x743e0000 | 0x74603fff | Memory Mapped File | rwx |
|
|
|
- |
| apphelp.dll | 0x746b0000 | 0x74740fff | Memory Mapped File | rwx |
|
|
|
- |
| bcryptprimitives.dll | 0x74750000 | 0x747a8fff | Memory Mapped File | rwx |
|
|
|
- |
| cryptbase.dll | 0x747b0000 | 0x747b9fff | Memory Mapped File | rwx |
|
|
|
- |
| sspicli.dll | 0x747c0000 | 0x747ddfff | Memory Mapped File | rwx |
|
|
|
- |
| crypt32.dll | 0x74880000 | 0x749f4fff | Memory Mapped File | rwx |
|
|
|
- |
| rpcrt4.dll | 0x74a00000 | 0x74aabfff | Memory Mapped File | rwx |
|
|
|
- |
| kernel.appcore.dll | 0x74ab0000 | 0x74abbfff | Memory Mapped File | rwx |
|
|
|
- |
| ws2_32.dll | 0x74d30000 | 0x74d8bfff | Memory Mapped File | rwx |
|
|
|
- |
| psapi.dll | 0x74d90000 | 0x74d95fff | Memory Mapped File | rwx |
|
|
|
- |
| shlwapi.dll | 0x74da0000 | 0x74de3fff | Memory Mapped File | rwx |
|
|
|
- |
| msctf.dll | 0x74df0000 | 0x74f0ffff | Memory Mapped File | rwx |
|
|
|
- |
| imm32.dll | 0x74f10000 | 0x74f3afff | Memory Mapped File | rwx |
|
|
|
- |
| kernel32.dll | 0x74f40000 | 0x7502ffff | Memory Mapped File | rwx |
|
|
|
- |
| gdi32.dll | 0x75030000 | 0x7517cfff | Memory Mapped File | rwx |
|
|
|
- |
| profapi.dll | 0x75180000 | 0x7518efff | Memory Mapped File | rwx |
|
|
|
- |
| kernelbase.dll | 0x75190000 | 0x75305fff | Memory Mapped File | rwx |
|
|
|
- |
| shell32.dll | 0x75310000 | 0x766cefff | Memory Mapped File | rwx |
|
|
|
- |
| windows.storage.dll | 0x76790000 | 0x76c6cfff | Memory Mapped File | rwx |
|
|
|
- |
| user32.dll | 0x76c70000 | 0x76daffff | Memory Mapped File | rwx |
|
|
|
- |
| msvcrt.dll | 0x76f20000 | 0x76fddfff | Memory Mapped File | rwx |
|
|
|
- |
| msasn1.dll | 0x77070000 | 0x7707dfff | Memory Mapped File | rwx |
|
|
|
- |
| cfgmgr32.dll | 0x77080000 | 0x770b5fff | Memory Mapped File | rwx |
|
|
|
- |
| nsi.dll | 0x770c0000 | 0x770c6fff | Memory Mapped File | rwx |
|
|
|
- |
| oleaut32.dll | 0x770d0000 | 0x77161fff | Memory Mapped File | rwx |
|
|
|
- |
| ole32.dll | 0x77170000 | 0x77259fff | Memory Mapped File | rwx |
|
|
|
- |
| powrprof.dll | 0x77260000 | 0x772a3fff | Memory Mapped File | rwx |
|
|
|
- |
| sechost.dll | 0x772b0000 | 0x772f2fff | Memory Mapped File | rwx |
|
|
|
- |
| shcore.dll | 0x77300000 | 0x7738cfff | Memory Mapped File | rwx |
|
|
|
- |
| combase.dll | 0x77390000 | 0x77549fff | Memory Mapped File | rwx |
|
|
|
- |
| advapi32.dll | 0x77550000 | 0x775cafff | Memory Mapped File | rwx |
|
|
|
- |
| ntdll.dll | 0x776b0000 | 0x77828fff | Memory Mapped File | rwx |
|
|
|
- |
| private_0x000000007fea7000 | 0x7fea7000 | 0x7fea9fff | Private Memory | rw |
|
|
|
- |
| private_0x000000007feaa000 | 0x7feaa000 | 0x7feacfff | Private Memory | rw |
|
|
|
- |
| private_0x000000007fead000 | 0x7fead000 | 0x7feaffff | Private Memory | rw |
|
|
|
- |
| pagefile_0x000000007feb0000 | 0x7feb0000 | 0x7ffaffff | Pagefile Backed Memory | r |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | r |
|
|
|
- |
| private_0x000000007ffd5000 | 0x7ffd5000 | 0x7ffd7fff | Private Memory | rw |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffdafff | Private Memory | rw |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffddfff | Private Memory | rw |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | rw |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | rw |
|
|
|
- |
| private_0x000000007ffe0000 | 0x7ffe0000 | 0x7ffeffff | Private Memory | r |
|
|
|
- |
| private_0x000000007fff0000 | 0x7fff0000 | 0x7ffc57b4ffff | Private Memory | r |
|
|
|
- |
| ntdll.dll | 0x7ffc57b50000 | 0x7ffc57d11fff | Memory Mapped File | rwx |
|
|
|
- |
| private_0x00007ffc57d12000 | 0x7ffc57d12000 | 0x7ffffffeffff | Private Memory | r |
|
|
|
- |
|
For performance reasons, the remaining 24 entries are omitted.
The remaining entries can be found in flog.txt. |
||||||||
Created Files
| Filename | File Size | Hash Values | YARA Match | Actions |
|---|---|---|---|---|
| C:\ProgramData\\msvcp140.dll | 429.80 KB |
MD5:
109f0f02fd37c84bfc7508d4227d7ed5
SHA1: ef7420141bb15ac334d3964082361a460bfdb975 SHA256: 334e69ac9367f708ce601a6f490ff227d6c20636da5222f148b25831d22e13d4 SSDeep: 12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI |
|
|
| C:\ProgramData\\vcruntime140.dll | 81.82 KB |
MD5:
7587bf9cb4147022cd5681b015183046
SHA1: f2106306a8f6f0da5afb7fc765cfa0757ad5a628 SHA256: c40bb03199a2054dabfc7a8e01d6098e91de7193619effbd0f142a7bf031c14d SSDeep: 1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF |
|
|
| C:\ProgramData\\mozglue.dll | 133.95 KB |
MD5:
8f73c08a9660691143661bf7332c3c27
SHA1: 37fa65dd737c50fda710fdbde89e51374d0c204a SHA256: 3fe6b1c54b8cf28f571e0c5d6636b4069a8ab00b4f11dd842cfec00691d0c9cd SSDeep: 3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR |
|
|
| files\passwords.txt | 0.00 KB |
MD5:
d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 SSDeep: 3:: |
|
|
| C:\ProgramData\\freebl3.dll | 326.45 KB |
MD5:
ef2834ac4ee7d6724f255beaf527e635
SHA1: 5be8c1e73a21b49f353c2ecfa4108e43a883cb7b SHA256: a770ecba3b08bbabd0a567fc978e50615f8b346709f8eb3cfacf3faab24090ba SSDeep: 6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D |
|
|
| C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-shm | 32.00 KB |
MD5:
b7c14ec6110fa820ca6b65f5aec85911
SHA1: 608eeb7488042453c9ca40f7e1398fc1a270f3f4 SHA256: fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb SSDeep: 3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX |
|
|
| C:\ProgramData\\nss3.dll | 1.19 MB |
MD5:
bfac4e3c5908856ba17d41edcd455a51
SHA1: 8eec7e888767aa9e4cca8ff246eb2aacb9170428 SHA256: e2935b5b28550d47dc971f456d6961f20d1633b4892998750140e0eaa9ae9d78 SSDeep: 24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH |
|
|
| C:\ProgramData\\softokn3.dll | 141.45 KB |
MD5:
a2ee53de9167bf0d6c019303b7ca84e5
SHA1: 2a3c737fa1157e8483815e98b666408a18c0db42 SHA256: 43536adef2ddcc811c28d35fa6ce3031029a2424ad393989db36169ff2995083 SSDeep: 3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB |
|
|
| files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | 6.57 KB |
MD5:
1ad09bf298087fa07aada634b28349cc
SHA1: 1c32001fbaef4233500071ca58ec3e2bf5a69b13 SHA256: 4f2676820c363b6f75054807cd1fa4bc4ac1951347c13080fd3170c950106b86 SSDeep: 96:hbgZ9ZFk3l4IDR4TxA3TRNAXmsRi7vVuapZO2DY5PSeQAtQU:hgZ9z++IDAA39NSXapZORGax |
|
|
| c | 512.00 KB |
MD5:
c086878e29f58295040165b8d529978f
SHA1: f82adf6832b0170d777e8414c905da9ae7615814 SHA256: 33399fef9e8e65a148887fb112a866d47b92dd08d861cd510f4e1f2fe8b6a41d SSDeep: 384:NDf+J1VSvfVRvtIdaYK/gVzV7drvVmDIlGRYJf2:NDf+L6CdbV5t9LGR |
|
|
| c:\programdata\z7oy7o0xpwlxm7m23rjk\files\screenshot.jpg | 89.53 KB |
MD5:
eff3c8b5842db3e1227a3d3bd88e746f
SHA1: 79ba61c1eaac5d7603d150716ddd8026a5e579b9 SHA256: 5ecdc44efa48dc13eb04ba1bafc6a69f1ff4573ec8705b58febec78723e86dbc SSDeep: 1536:bmJu4GD6hXJwKbklkA0LXRbPGIYzTocbpeZEI7a3NQZxAk1nXhg1GDktLi+J:SJ+dWRLXLYzTrwEQ3r1nXhg1UktL5J |
|
|
| files\Cookies\Edge_Cookies.txt | 2.15 KB |
MD5:
2f8cd47f017c6fb70ed43420648a4e7d
SHA1: 0ee53ee7615114696060184e1036a6fb79aa145f SHA256: 6495ffb2eca1e2ee36ac9927df0c3c66c7ba3f3065826116201b0dc4fda97178 SSDeep: 24:jAZv1ov5VGwng9tUwhDXDePYiJH2ekVsUhtHAjlc6aF/dqGLKbKEd5fkUBCBcjc1:jgIeoQip2ekV7EU8tvd5xExNJiXq |
|
|
Modified Files
| Filename | File Size | Hash Values | YARA Match | Actions |
|---|---|---|---|---|
| c:\users\ciihmnxmn6ps\appdata\local\microsoft\windows\inetcache\counters.dat | 0.12 KB |
MD5:
0fc07622856a4f02ec32f3b8cdc7d79a
SHA1: 69227fbe52d3fbfa3af508fee363698fd2a3613c SHA256: 0ac6eba5d515f5a55c7d5bd712cb191aac9bbef780cac77f3a69e357d8c3d746 SSDeep: 3:/lV/l3l:d |
|
|
Host Behavior
File (1602)
| Operation | Filename | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Create | files\passwords.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\\freebl3.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\\mozglue.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\\msvcp140.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\\nss3.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\\softokn3.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\\vcruntime140.dll | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\cookies.sqlite | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | c | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-wal | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-shm | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\places.sqlite | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | history | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\passwords.txt | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
25 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | ld | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\History | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | historych | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\History\Google Chrome_Default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Downloads\Google Chrome_Default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | c | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\Google Chrome_Default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | wd | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Autofill\Google Chrome_Default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\CC\Google Chrome_Default.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | wd | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\IE_Cookies.txt | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Microsoft\Windows\Cookies\Low\?? | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\Edge_Cookies.txt | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\Cookies\Edge_Cookies.txt | desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1ZJA02JO.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\268TPJIA.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6KWA3R8C.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\85DGK2J5.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FPNDV7T3.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J9KFLZDX.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JN00AKV9.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OR8K8VRM.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\TK0LXHBL.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VC62GJSF.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\.purple\accounts.xml | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\cookie_list.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | files\information.txt | desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Autofill | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC\Google Chrome_Default.txt | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Google Chrome_Default.txt | desired_access = GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Autofill | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\History | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Downloads | - |
|
1 | |
| Create Directory | C:\ProgramData\ | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Soft | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Soft\Authy | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Ethereum | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Electrum | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\ElectrumLTC | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus | - |
|
4 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\ElectronCash | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\MultiDoge | - |
|
1 | |
| Create Directory | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\JAXX | - |
|
1 | |
| Get Info | files\passwords.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\. | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\.\cookies.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\.\places.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\.\logins.json | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\.. | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\..\cookies.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\..\places.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\..\logins.json | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\cookies.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\cookies.sqlite | type = file_type |
|
1 | |
| Get Info | c | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-journal | type = file_attributes |
|
2 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | type = size, size_out = 0 |
|
4 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-wal | type = file_attributes |
|
3 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-shm | type = size, size_out = 0 |
|
2 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-wal | type = size, size_out = 0 |
|
1 | |
| Get Info | files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | type = file_type |
|
2 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-shm | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\places.sqlite | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\places.sqlite | type = file_type |
|
1 | |
| Get Info | history | type = file_type |
|
1 | |
| Get Info | files\passwords.txt | type = file_type |
|
25 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\. | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\.\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\.\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\.\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\.\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\.. | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\..\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\..\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\..\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\..\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\CertificateTransparency | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\CertificateTransparency\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\CertificateTransparency\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\CertificateTransparency\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\CertificateTransparency\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Crashpad | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Crashpad\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Crashpad\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Crashpad\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Crashpad\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | type = file_type |
|
1 | |
| Get Info | ld | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld-journal | type = file_attributes |
|
2 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld | type = size, size_out = 0 |
|
5 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld-wal | type = file_attributes |
|
2 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\History | type = file_type |
|
1 | |
| Get Info | historych | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych-journal | type = file_attributes |
|
3 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych | type = size, size_out = 0 |
|
8 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych-wal | type = file_attributes |
|
3 | |
| Get Info | files\History\Google Chrome_Default.txt | type = file_type |
|
1 | |
| Get Info | files\Downloads\Google Chrome_Default.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | type = file_type |
|
1 | |
| Get Info | c | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | type = size, size_out = 0 |
|
2 | |
| Get Info | files\Cookies\Google Chrome_Default.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | type = file_type |
|
1 | |
| Get Info | wd | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd-journal | type = file_attributes |
|
4 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | type = size, size_out = 0 |
|
5 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd-wal | type = file_attributes |
|
4 | |
| Get Info | files\Autofill\Google Chrome_Default.txt | type = file_type |
|
1 | |
| Get Info | files\CC\Google Chrome_Default.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | type = file_type |
|
1 | |
| Get Info | wd | type = file_type |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | type = size, size_out = 0 |
|
5 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\EVWhitelist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\EVWhitelist\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\EVWhitelist\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\EVWhitelist\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\EVWhitelist\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\FileTypePolicies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\FileTypePolicies\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\FileTypePolicies\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\FileTypePolicies\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\FileTypePolicies\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\First Run | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Local State | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\OriginTrials | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\OriginTrials\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\OriginTrials\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\OriginTrials\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\OriginTrials\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\PepperFlash | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\PepperFlash\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\PepperFlash\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\PepperFlash\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\PepperFlash\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\pnacl | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\pnacl\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\pnacl\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\pnacl\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\pnacl\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Channel IDs | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Channel IDs-journal | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Download | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing IP Blacklist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Module Whitelist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing Resource Blacklist | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing UwS List | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Safe Browsing UwS List Prefix Set | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Subresource Filter | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Subresource Filter\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Subresource Filter\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Subresource Filter\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Subresource Filter\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SwReporter | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SwReporter\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SwReporter\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SwReporter\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\SwReporter\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\WidevineCdm | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\WidevineCdm\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\WidevineCdm\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\WidevineCdm\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\WidevineCdm\Web Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Opera Software\Opera Stable\Login Data | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Opera Software\Opera Stable\History | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Opera Software\Opera Stable\Cookies | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Opera Software\Opera Stable\Web Data | type = file_attributes |
|
1 | |
| Get Info | files\Cookies\IE_Cookies.txt | type = file_type |
|
1 | |
| Get Info | files\Cookies\Edge_Cookies.txt | type = file_type |
|
1 | |
| Get Info | files\Cookies\Edge_Cookies.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1ZJA02JO.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\268TPJIA.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6KWA3R8C.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\85DGK2J5.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FPNDV7T3.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J9KFLZDX.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JN00AKV9.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OR8K8VRM.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\TK0LXHBL.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VC62GJSF.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\FileZilla\recentservers.xml | type = file_attributes |
|
1 | |
| Get Info | files\cookie_list.txt | type = file_type |
|
1 | |
| Get Info | files\information.txt | type = file_type |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Ethereum\ | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Electrum\wallets\`Wa`et??Et???Kum?K` | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Electrum-LTC\wallets\`Wa?et??El???Kum?K` | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\???? | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\??Wa` | type = file_attributes |
|
2 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\exodus.wallet\`Wa`et???????K | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\exodus.wallet\`Wa?et??Ex???K | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\ElectronCash\wallets\` | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\MultiDoge\`Wa`et??El???Kon?K` | type = file_attributes |
|
1 | |
| Get Info | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\jaxx\Local Storage\`Wa?et??Mu???Kog?K` | type = file_attributes |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC\Google Chrome_Default.txt | type = attributes,time,size,volserialno |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC\Google Chrome_Default.txt | type = size |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | type = attributes,time,size,volserialno |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | type = size |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | type = attributes,time,size,volserialno |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | type = size |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Google Chrome_Default.txt | type = attributes,time,size,volserialno |
|
1 | |
| Get Info | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Google Chrome_Default.txt | type = size |
|
1 | |
| Get Info | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | type = size |
|
1 | |
| Get Info | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | type = size |
|
1 | |
| Open | STD_INPUT_HANDLE | - |
|
1 | |
| Open | STD_OUTPUT_HANDLE | - |
|
1 | |
| Open | STD_ERROR_HANDLE | - |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Soft\Authy\ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Authy Desktop\Local Storage\ |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Ethereum\ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Ethereum\ |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Electrum\̀Wàetᝲ洈Etᝲ洈龲Ǩum鿄Ǩ̀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Electrum\wallets\`Wa`et??Et???Kum?K` |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\ElectrumLTC\̀WaȀetᝲ洈Elᝲ洈龲Ǩum龲Ǩ̀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Electrum-LTC\wallets\`Wa?et??El???Kum?K` |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus\ȀȀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\???? |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus\ᝲ洈Wà | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\??Wa` |
|
2 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus\̀Wàetᝲ洈ᝲ洈龲Ǩ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\exodus.wallet\`Wa`et???????K |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\Exodus\̀WaȀetᝲ洈Exᝲ洈龲Ǩ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Exodus\exodus.wallet\`Wa?et??Ex???K |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\ElectronCash\̀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\ElectronCash\wallets\` |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\MultiDoge\̀Wàetᝲ洈Elᝲ洈龲Ǩon鿄Ǩ̀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\MultiDoge\`Wa`et??El???Kon?K` |
|
1 | |
| Copy | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Wallets\JAXX\̀WaȀetᝲ洈Muᝲ洈龲Ǩog龲Ǩ̀ | source_filename = C:\Users\CIiHmnxMn6Ps\AppData\Roaming\jaxx\Local Storage\`Wa?et??Mu???Kog?K` |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\cookies.sqlite | size = 4096, size_out = 4096 |
|
128 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\cookies.sqlite | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | size = 32768, size_out = 32768 |
|
3 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Roaming\Mozilla\Firefox\Profiles\8i341t8m.default\places.sqlite | size = 4096, size_out = 4096 |
|
249 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | size = 4096, size_out = 4096 |
|
4 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | size = 4096, size_out = 2048 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Login Data | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld | size = 2048, size_out = 2048 |
|
2 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\ld | size = 16, size_out = 16 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\History | size = 4096, size_out = 4096 |
|
25 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\History | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych | size = 4096, size_out = 4096 |
|
3 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\historych | size = 16, size_out = 16 |
|
2 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | size = 4096, size_out = 4096 |
|
3 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | size = 4096, size_out = 1024 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Cookies | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c | size = 1024, size_out = 1024 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | size = 4096, size_out = 4096 |
|
17 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 2048, size_out = 2048 |
|
5 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 16, size_out = 16 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | size = 4096, size_out = 4096 |
|
17 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Google\Chrome\User Data\Default\Web Data | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 100, size_out = 100 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 2048, size_out = 2048 |
|
5 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\wd | size = 16, size_out = 16 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1ZJA02JO.txt | size = 4096, size_out = 111 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\1ZJA02JO.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\268TPJIA.txt | size = 4096, size_out = 620 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\268TPJIA.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6KWA3R8C.txt | size = 4096, size_out = 77 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6KWA3R8C.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\85DGK2J5.txt | size = 4096, size_out = 213 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\85DGK2J5.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FPNDV7T3.txt | size = 4096, size_out = 416 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FPNDV7T3.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J9KFLZDX.txt | size = 4096, size_out = 385 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J9KFLZDX.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JN00AKV9.txt | size = 4096, size_out = 88 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JN00AKV9.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OR8K8VRM.txt | size = 4096, size_out = 260 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\OR8K8VRM.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\TK0LXHBL.txt | size = 4096, size_out = 211 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\TK0LXHBL.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VC62GJSF.txt | size = 4096, size_out = 182 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VC62GJSF.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 4096, size_out = 92 |
|
1 | |
| Read | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 4096, size_out = 0 |
|
1 | |
| Read | - | size = 65536, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC\Google Chrome_Default.txt | size = 65536, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 2, size_out = 2 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 4, size_out = 4 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 65536, size_out = 6731 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 58805, size_out = 0 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | size = 2, size_out = 2 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | size = 4, size_out = 4 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | size = 65536, size_out = 2202 |
|
1 | |
| Read | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | size = 63334, size_out = 0 |
|
1 | |
| Read | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | size = 97312, size_out = 97312 |
|
1 | |
| Read | DE_427a1946-e0ff-4097-8c9e-ca2c1e22780b1188567168.zip | size = 97312, size_out = 97312 |
|
1 | |
| Write | C:\ProgramData\\freebl3.dll | size = 334288 |
|
1 | |
| Write | C:\ProgramData\\mozglue.dll | size = 137168 |
|
1 | |
| Write | C:\ProgramData\\msvcp140.dll | size = 440120 |
|
1 | |
| Write | C:\ProgramData\\nss3.dll | size = 1246160 |
|
1 | |
| Write | C:\ProgramData\\softokn3.dll | size = 144848 |
|
1 | |
| Write | C:\ProgramData\\vcruntime140.dll | size = 83784 |
|
1 | |
| Write | c | size = 4096 |
|
128 | |
| Write | files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 4141 |
|
1 | |
| Write | files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | size = 2590 |
|
1 | |
| Write | history | size = 4096 |
|
248 | |
| Write | ld | size = 4096 |
|
4 | |
| Write | ld | size = 2048 |
|
1 | |
| Write | historych | size = 4096 |
|
25 | |
| Write | files\History\Google Chrome_Default.txt | size = 232 |
|
1 | |
| Write | c | size = 4096 |
|
3 | |
| Write | c | size = 1024 |
|
1 | |
| Write | wd | size = 4096 |
|
17 | |
| Write | wd | size = 4096 |
|
17 | |
| Write | files\Cookies\Edge_Cookies.txt | size = 2202 |
|
1 | |
| Write | files\cookie_list.txt | size = 449 |
|
1 | |
| Write | files\information.txt | size = 3544 |
|
1 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 2 |
|
2 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 1 |
|
231 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 35 |
|
1 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 17 |
|
7 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 29 |
|
2 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 53 |
|
2 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 2689 |
|
1 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 25 |
|
2 | |
| Write | C:\Users\CIiHmnxMn6Ps\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VSMDVD55.txt | size = 992 |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-shm | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\c-wal | - |
|
1 | |
| Delete | C:\ProgramData\freebl3.dll | - |
|
1 | |
| Delete | C:\ProgramData\mozglue.dll | - |
|
1 | |
| Delete | C:\ProgramData\msvcp140.dll | - |
|
1 | |
| Delete | C:\ProgramData\nss3.dll | - |
|
1 | |
| Delete | C:\ProgramData\softokn3.dll | - |
|
1 | |
| Delete | C:\ProgramData\vcruntime140.dll | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Autofill\Google Chrome_Default.txt | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Autofill | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC\Google Chrome_Default.txt | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\CC | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\cookies_Mozilla Firefox_8i341t8m.default.txt | - |
|
1 | |
| Delete | C:\ProgramData\Z7OY7O0XPWLXM7M23RJK\files\Cookies\Edge_Cookies.txt | - |
|
1 |
Registry (190)
| Operation | Key | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | - |
|
1 | |
| Open Key | HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | - |
|
3 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 53.0.3 (x86 en-GB) | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2151757 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2467173 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2524860 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2544655 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2549743 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2565063 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB982573 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3c3aafc8-d898-43ec-998f-965ffdae065a} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D82C954-2957-418B-908F-FE78BF3A8BEB} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74d0e5db-b326-4dae-a6b2-445b9de1836e} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824245926} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e52a6842-b0ac-476e-b48f-378a97a67346} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e6e75766-da0f-4ba2-9788-6ea593ce702d} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2151757 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2467173 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2524860 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2544655 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2549743 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2565063 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB982573 | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | - |
|
1 | |
| Open Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | - |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | value_name = MachineGuid, data = 52 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | value_name = MachineGuid, data = 52 |
|
3 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | value_name = ProductName, data = 87 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | value_name = ProcessorNameString, data = 73 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook | value_name = DisplayName, data = 0, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager | value_name = DisplayName, data = 0, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx | value_name = DisplayName, data = 0, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime | value_name = DisplayName, data = 0, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore | value_name = DisplayName, data = 0, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome | value_name = DisplayName, data = Google Chrome, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome | value_name = DisplayVersion, data = 58.0.3029.110, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40 | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 53.0.3 (x86 en-GB) | value_name = DisplayName, data = Mozilla Firefox 53.0.3 (x86 en-GB), type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 53.0.3 (x86 en-GB) | value_name = DisplayVersion, data = 53.0.3, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2 | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC | value_name = DisplayName, data = 53, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} | value_name = DisplayName, data = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} | value_name = DisplayVersion, data = 12.0.21005, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2151757 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2467173 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2524860 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2544655 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2549743 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2565063 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB982573 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} | value_name = DisplayName, data = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} | value_name = DisplayVersion, data = 11.0.61030.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3c3aafc8-d898-43ec-998f-965ffdae065a} | value_name = DisplayName, data = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3c3aafc8-d898-43ec-998f-965ffdae065a} | value_name = DisplayVersion, data = 12.0.30501.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D82C954-2957-418B-908F-FE78BF3A8BEB} | value_name = DisplayName, data = Adobe Flash Player 25 NPAPI, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D82C954-2957-418B-908F-FE78BF3A8BEB} | value_name = DisplayVersion, data = 25.0.0.148, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} | value_name = DisplayName, data = Java Auto Updater, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} | value_name = DisplayVersion, data = 2.8.131.11, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} | value_name = DisplayName, data = Microsoft Visual C++ 2005 Redistributable, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} | value_name = DisplayVersion, data = 8.0.61001, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74d0e5db-b326-4dae-a6b2-445b9de1836e} | value_name = DisplayName, data = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74d0e5db-b326-4dae-a6b2-445b9de1836e} | value_name = DisplayVersion, data = 14.0.23026.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F} | value_name = DisplayName, data = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F} | value_name = DisplayVersion, data = 9.0.30729.6161, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675} | value_name = DisplayName, data = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675} | value_name = DisplayVersion, data = 14.0.23026, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824245926} | value_name = DisplayName, data = Adobe Refresh Manager, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824245926} | value_name = DisplayVersion, data = 1.8.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100} | value_name = DisplayName, data = Adobe Acrobat Reader DC, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100} | value_name = DisplayVersion, data = 18.009.20050, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9} | value_name = DisplayName, data = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9} | value_name = DisplayVersion, data = 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} | value_name = DisplayName, data = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} | value_name = DisplayVersion, data = 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845} | value_name = DisplayName, data = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845} | value_name = DisplayVersion, data = 14.0.23026, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} | value_name = DisplayName, data = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} | value_name = DisplayVersion, data = 11.0.61030.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e52a6842-b0ac-476e-b48f-378a97a67346} | value_name = DisplayName, data = Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e52a6842-b0ac-476e-b48f-378a97a67346} | value_name = DisplayVersion, data = 14.10.25017.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e6e75766-da0f-4ba2-9788-6ea593ce702d} | value_name = DisplayName, data = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e6e75766-da0f-4ba2-9788-6ea593ce702d} | value_name = DisplayVersion, data = 12.0.30501.0, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} | value_name = DisplayName, data = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} | value_name = DisplayVersion, data = 10.0.40219, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2151757 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2467173 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2524860 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2544655 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2549743 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2565063 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB982573 | value_name = DisplayName, data = 49, type = REG_NONE |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} | value_name = DisplayName, data = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} | value_name = DisplayVersion, data = 12.0.21005, type = REG_SZ |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | value_name = ProductName, data = 87 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | value_name = MachineGuid, data = 52 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | value_name = ProductName, data = 87 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography | value_name = MachineGuid, data = 52 |
|
1 | |
| Read Value | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | value_name = ProductName, data = 87 |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 | |
| Enumerate Keys | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | - |
|
1 |
Module (100)
| Operation | Module | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Load | C:\ProgramData\nss3.dll | base_address = 0x73880000 |
|
7 | |
| Load | vaultcli.dll | base_address = 0x734a0000 |
|
1 | |
| Load | C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll | base_address = 0x0 |
|
1 | |
| Get Handle | c:\windows\syswow64\kernel32.dll | base_address = 0x74f40000 |
|
3 | |
| Get Handle | c:\windows\syswow64\kernelbase.dll | base_address = 0x75190000 |
|
1 | |
| Get Filename | - | process_name = c:\users\ciihmnxmn6ps\desktop\globalhack[rueunavn][17.02.2019] .exe, file_name_orig = C:\Users\CIiHmnxMn6Ps\Desktop\GlobalHack[RUEUNAVN][17.02.2019] .exe, size = 260 |
|
1 | |
| Get Filename | C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll | process_name = c:\users\ciihmnxmn6ps\desktop\globalhack[rueunavn][17.02.2019] .exe, file_name_orig = C:\Users\CIiHmnxMn6Ps\Desktop\GlobalHack[RUEUNAVN][17.02.2019] .exe, size = 260 |
|
1 | |
| Get Address | c:\windows\syswow64\kernel32.dll | function = FlsAlloc, address_out = 0x74f5a330 |
|
1 | |
| Get Address | c:\windows\syswow64\kernel32.dll | function = FlsGetValue, address_out = 0x74f57580 |
|
1 | |
| Get Address | c:\windows\syswow64\kernel32.dll | function = FlsSetValue, address_out = 0x74f59910 |
|
1 | |
| Get Address | c:\windows\syswow64\kernel32.dll | function = FlsFree, address_out = 0x74f5f400 |
|
1 | |
| Get Address | c:\windows\syswow64\kernelbase.dll | function = InitializeConditionVariable, address_out = 0x77709da0 |
|
1 | |
| Get Address | c:\windows\syswow64\kernelbase.dll | function = SleepConditionVariableCS, address_out = 0x752c2850 |
|
1 | |
| Get Address | c:\windows\syswow64\kernelbase.dll | function = WakeAllConditionVariable, address_out = 0x77713370 |
|
1 | |
| Get Address | c:\programdata\nss3.dll | function = NSS_Init, address_out = 0x7390dc11 |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = NSS_Shutdown, address_out = 0x7390de9c |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = PK11_GetInternalKeySlot, address_out = 0x739322b8 |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = PK11_FreeSlot, address_out = 0x73931d2a |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = PK11_Authenticate, address_out = 0x7391aa95 |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = PK11SDR_Decrypt, address_out = 0x7392e262 |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = sqlite3_open, address_out = 0x73884077 |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = sqlite3_prepare_v2, address_out = 0x738848cd |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = sqlite3_step, address_out = 0x73885efb |
|
7 | |
| Get Address | c:\programdata\nss3.dll | function = sqlite3_column_text, address_out = 0x738861da |
|
7 | |
| Get Address | Unknown module name | function = VaultOpenVault, address_out = 0x734a9e10 |
|
1 | |
| Get Address | Unknown module name | function = VaultCloseVault, address_out = 0x734a9e80 |
|
1 | |
| Get Address | Unknown module name | function = VaultEnumerateItems, address_out = 0x734a9c80 |
|
1 | |
| Get Address | Unknown module name | function = VaultGetItem, address_out = 0x734a9bf0 |
|
1 | |
| Get Address | Unknown module name | function = VaultFree, address_out = 0x734a9690 |
|
1 | |
| Get Address | c:\windows\syswow64\kernel32.dll | function = GlobalMemoryStatusEx, address_out = 0x74f5a650 |
|
1 | |
| Map | - | process_name = c:\users\ciihmnxmn6ps\desktop\globalhack[rueunavn][17.02.2019] .exe, desired_access = FILE_MAP_WRITE, FILE_MAP_READ |
|
2 |
Keyboard (2)
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Get Info | type = KB_LOCALE_ID |
|
2 |
System (25)
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Get Computer Name | result_out = LHNIWSJ |
|
1 | |
| Sleep | duration = 100 milliseconds (0.100 seconds) |
|
1 | |
| Get Time | type = System Time, time = 2019-02-17 13:36:21 (UTC) |
|
1 | |
| Get Time | type = Ticks, time = 125843 |
|
1 | |
| Get Time | type = System Time, time = 2019-02-17 13:36:22 (UTC) |
|
1 | |
| Get Time | type = Ticks, time = 131984 |
|
1 | |
| Get Time | type = System Time, time = 2019-02-17 13:36:30 (UTC) |
|
1 | |
| Get Time | type = Ticks, time = 136765 |
|
2 | |
| Get Time | type = Ticks, time = 136781 |
|
1 | |
| Get Time | type = Ticks, time = 136796 |
|
6 | |
| Get Time | type = Ticks, time = 136812 |
|
5 | |
| Get Info | type = Hardware Information |
|
2 | |
| Get Info | type = Operating System |
|
2 |
Mutex (1)
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Create | mutex_name = 427a1946-e0ff-4097-8c9e-ca2c1e22780b{6bb4f034-2706-11e5-9bbe-806e6f6e6963} |
|
1 |
Environment (10)
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Get Environment String | - |
|
2 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData |
|
1 | |
| Set Environment String | name = PATH, value = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\ProgramData;C:\Program Files (x86)\Mozilla Thunderbird |
|
1 |
Network Behavior
HTTP Sessions (11)
| Information | Value |
|---|---|
| Total Data Sent | 2.01 KB |
| Total Data Received | 1.06 MB |
| Contacted Host Count | 2 |
| Contacted Hosts | supermen22.beget.tech, ip-api.com |
HTTP Session #1
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 185 |
| Data Received | 354 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, target_resource = /11, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Add HTTP Request Headers | headers = Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A |
|
1 | |
| Add HTTP Request Headers | headers = Content-Length: 25 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/11 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_REFRESH |
|
1 | |
| Read Response | size = 1000, size_out = 354 |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #2
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 193 |
| Data Received | 249000 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /freebl3.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/freebl3.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
249 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #3
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 193 |
| Data Received | 137168 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /mozglue.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/mozglue.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
137 | |
| Read Response | size = 1000, size_out = 168 |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #4
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 194 |
| Data Received | 249000 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /msvcp140.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/msvcp140.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
249 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #5
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 190 |
| Data Received | 249000 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /nss3.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/nss3.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
249 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #6
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 194 |
| Data Received | 144848 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /softokn3.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/softokn3.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
144 | |
| Read Response | size = 1000, size_out = 848 |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #7
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 198 |
| Data Received | 83784 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP 1.1, target_resource = /vcruntime140.dll, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/vcruntime140.dll |
|
1 | |
| Read Response | size = 1000, size_out = 1000 |
|
83 | |
| Read Response | size = 1000, size_out = 784 |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #8
| Information | Value |
|---|---|
| Server Name | ip-api.com |
| Server Port | 80 |
| Data Sent | 166 |
| Data Received | 168 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = ip-api.com, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, target_resource = /line/, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Add HTTP Request Headers | headers = Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A |
|
1 | |
| Add HTTP Request Headers | headers = Content-Length: 25 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = ip-api.com/line/ |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_REFRESH |
|
1 | |
| Read Response | size = 1000, size_out = 168 |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #9
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 183 |
| Data Received | 0 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Add HTTP Request Headers | headers = Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A |
|
1 | |
| Add HTTP Request Headers | headers = Content-Length: 98304 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/ |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_REFRESH |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #10
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 183 |
| Data Received | 0 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Add HTTP Request Headers | headers = Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A |
|
1 | |
| Add HTTP Request Headers | headers = Content-Length: 98304 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/ |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_REFRESH |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
HTTP Session #11
| Information | Value |
|---|---|
| Server Name | supermen22.beget.tech |
| Server Port | 80 |
| Data Sent | 183 |
| Data Received | 0 |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = INTERNET_OPEN_TYPE_PRECONFIG |
|
1 | |
| Open Connection | protocol = HTTP, server_name = supermen22.beget.tech, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, accept_types = 0, flags = INTERNET_FLAG_KEEP_CONNECTION |
|
1 | |
| Add HTTP Request Headers | headers = Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 |
|
1 | |
| Add HTTP Request Headers | headers = Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 |
|
1 | |
| Add HTTP Request Headers | headers = Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A |
|
1 | |
| Add HTTP Request Headers | headers = Content-Length: 98304 |
|
1 | |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = supermen22.beget.tech/ |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_REFRESH |
|
1 | |
| Read Response | size = 1000, size_out = 0 |
|
1 | |
| Query HTTP Info | flags = HTTP_QUERY_CONTENT_ENCODING |
|
1 | |
| Close Session | - |
|
11 |
