CryptoWire Claims to be WanaCry4 | Files
Try VMRay Analyzer
File Information
Sample files count 1
Created files count 193
Modified files count 59
c:\users\5jghkoaofdp\desktop\wanacry6.malware.exe, ...
-
File Properties
Names c:\users\5jghkoaofdp\desktop\wanacry6.malware.exe (Sample File)
c:\progra~1\common~1\wanacry6.malware.exe (Created File)
Size 1.00 MB (1050112 bytes)
Hash Values MD5: d78bfdd6242361aa09a0e730ae9dc49a
SHA1: 5e301e5ee7ce8840bf9003df1f3d5cf3679f5753
SHA256: bc885443e29b027d5f307e2f3d36e70ba650d608604aeeea7e748c6dc948a8a6
Actions
PE Information
+
File Properties
Image Base 0x140000000
Entry Point 0x14002fa1c
Size Of Code 0xa8200
Size Of Initialized Data 0x58000
Size Of Uninitialized Data 0x0
Format x64
Type Executable
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Machine Type IMAGE_FILE_MACHINE_AMD64
Compile Timestamp 2017-05-27 04:21:27
Compiler/Packer Unknown
Sections (6)
+
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x140001000 0xa8011 0xa8200 0x400 CNT_CODE, MEM_EXECUTE, MEM_READ 6.51
.rdata 0x1400aa000 0x2fb90 0x2fc00 0xa8600 CNT_INITIALIZED_DATA, MEM_READ 5.27
.data 0x1400da000 0xb230 0x5e00 0xd8200 CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE 1.16
.pdata 0x1400e6000 0x699c 0x6a00 0xde000 CNT_INITIALIZED_DATA, MEM_READ 5.81
.rsrc 0x1400ed000 0x1aec0 0x1b000 0xe4a00 CNT_INITIALIZED_DATA, MEM_READ 4.83
.reloc 0x140108000 0xa84 0xc00 0xffa00 CNT_INITIALIZED_DATA, MEM_DISCARDABLE, MEM_READ 5.15
Imports (530)
+
WSOCK32.dll (23)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
WSACleanup 116 0x1400aafa8 0xd7718 0xd5d18
socket 23 0x1400aafb0 0xd7720 0xd5d20
inet_ntoa 12 0x1400aafb8 0xd7728 0xd5d28
setsockopt 21 0x1400aafc0 0xd7730 0xd5d30
ntohs 15 0x1400aafc8 0xd7738 0xd5d38
recvfrom 17 0x1400aafd0 0xd7740 0xd5d40
ioctlsocket 10 0x1400aafd8 0xd7748 0xd5d48
htons 9 0x1400aafe0 0xd7750 0xd5d50
WSAStartup 115 0x1400aafe8 0xd7758 0xd5d58
__WSAFDIsSet 151 0x1400aaff0 0xd7760 0xd5d60
select 18 0x1400aaff8 0xd7768 0xd5d68
accept 1 0x1400ab000 0xd7770 0xd5d70
listen 13 0x1400ab008 0xd7778 0xd5d78
bind 2 0x1400ab010 0xd7780 0xd5d80
closesocket 3 0x1400ab018 0xd7788 0xd5d88
WSAGetLastError 111 0x1400ab020 0xd7790 0xd5d90
recv 16 0x1400ab028 0xd7798 0xd5d98
sendto 20 0x1400ab030 0xd77a0 0xd5da0
send 19 0x1400ab038 0xd77a8 0xd5da8
inet_addr 11 0x1400ab040 0xd77b0 0xd5db0
gethostbyname 52 0x1400ab048 0xd77b8 0xd5db8
gethostname 57 0x1400ab050 0xd77c0 0xd5dc0
connect 4 0x1400ab058 0xd77c8 0xd5dc8
VERSION.dll (3)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
GetFileVersionInfoW 0x0 0x1400aaef0 0xd7660 0xd5c60
GetFileVersionInfoSizeW 0x0 0x1400aaef8 0xd7668 0xd5c68
VerQueryValueW 0x0 0x1400aaf00 0xd7670 0xd5c70
WINMM.dll (3)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
timeGetTime 0x0 0x1400aaf88 0xd76f8 0xd5cf8
waveOutSetVolume 0x0 0x1400aaf90 0xd7700 0xd5d00
mciSendStringW 0x0 0x1400aaf98 0xd7708 0xd5d08
COMCTL32.dll (11)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
ImageList_ReplaceIcon 0x0 0x1400aa110 0xd6880 0xd4e80
ImageList_Destroy 0x0 0x1400aa118 0xd6888 0xd4e88
ImageList_Remove 0x0 0x1400aa120 0xd6890 0xd4e90
ImageList_SetDragCursorImage 0x0 0x1400aa128 0xd6898 0xd4e98
ImageList_BeginDrag 0x0 0x1400aa130 0xd68a0 0xd4ea0
ImageList_DragEnter 0x0 0x1400aa138 0xd68a8 0xd4ea8
ImageList_DragLeave 0x0 0x1400aa140 0xd68b0 0xd4eb0
ImageList_EndDrag 0x0 0x1400aa148 0xd68b8 0xd4eb8
ImageList_DragMove 0x0 0x1400aa150 0xd68c0 0xd4ec0
InitCommonControlsEx 0x0 0x1400aa158 0xd68c8 0xd4ec8
ImageList_Create 0x0 0x1400aa160 0xd68d0 0xd4ed0
MPR.dll (4)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
WNetUseConnectionW 0x0 0x1400aa7f8 0xd6f68 0xd5568
WNetCancelConnection2W 0x0 0x1400aa800 0xd6f70 0xd5570
WNetGetConnectionW 0x0 0x1400aa808 0xd6f78 0xd5578
WNetAddConnection2W 0x0 0x1400aa810 0xd6f80 0xd5580
WININET.dll (14)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
InternetQueryDataAvailable 0x0 0x1400aaf10 0xd7680 0xd5c80
InternetCloseHandle 0x0 0x1400aaf18 0xd7688 0xd5c88
InternetOpenW 0x0 0x1400aaf20 0xd7690 0xd5c90
InternetSetOptionW 0x0 0x1400aaf28 0xd7698 0xd5c98
InternetCrackUrlW 0x0 0x1400aaf30 0xd76a0 0xd5ca0
HttpQueryInfoW 0x0 0x1400aaf38 0xd76a8 0xd5ca8
InternetQueryOptionW 0x0 0x1400aaf40 0xd76b0 0xd5cb0
HttpOpenRequestW 0x0 0x1400aaf48 0xd76b8 0xd5cb8
HttpSendRequestW 0x0 0x1400aaf50 0xd76c0 0xd5cc0
FtpOpenFileW 0x0 0x1400aaf58 0xd76c8 0xd5cc8
FtpGetFileSize 0x0 0x1400aaf60 0xd76d0 0xd5cd0
InternetOpenUrlW 0x0 0x1400aaf68 0xd76d8 0xd5cd8
InternetReadFile 0x0 0x1400aaf70 0xd76e0 0xd5ce0
InternetConnectW 0x0 0x1400aaf78 0xd76e8 0xd5ce8
PSAPI.DLL (1)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
GetProcessMemoryInfo 0x0 0x1400aa910 0xd7080 0xd5680
IPHLPAPI.DLL (3)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
IcmpCreateFile 0x0 0x1400aa2a8 0xd6a18 0xd5018
IcmpCloseHandle 0x0 0x1400aa2b0 0xd6a20 0xd5020
IcmpSendEcho 0x0 0x1400aa2b8 0xd6a28 0xd5028
USERENV.dll (4)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
DestroyEnvironmentBlock 0x0 0x1400aaeb8 0xd7628 0xd5c28
UnloadUserProfile 0x0 0x1400aaec0 0xd7630 0xd5c30
CreateEnvironmentBlock 0x0 0x1400aaec8 0xd7638 0xd5c38
LoadUserProfileW 0x0 0x1400aaed0 0xd7640 0xd5c40
UxTheme.dll (1)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
IsThemeActive 0x0 0x1400aaee0 0xd7650 0xd5c50
KERNEL32.dll (165)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
WaitForSingleObject 0x0 0x1400aa2c8 0xd6a38 0xd5038
HeapAlloc 0x0 0x1400aa2d0 0xd6a40 0xd5040
GetProcessHeap 0x0 0x1400aa2d8 0xd6a48 0xd5048
HeapFree 0x0 0x1400aa2e0 0xd6a50 0xd5050
Sleep 0x0 0x1400aa2e8 0xd6a58 0xd5058
GetCurrentThreadId 0x0 0x1400aa2f0 0xd6a60 0xd5060
MultiByteToWideChar 0x0 0x1400aa2f8 0xd6a68 0xd5068
MulDiv 0x0 0x1400aa300 0xd6a70 0xd5070
GetVersionExW 0x0 0x1400aa308 0xd6a78 0xd5078
IsWow64Process 0x0 0x1400aa310 0xd6a80 0xd5080
GetSystemInfo 0x0 0x1400aa318 0xd6a88 0xd5088
FreeLibrary 0x0 0x1400aa320 0xd6a90 0xd5090
LoadLibraryA 0x0 0x1400aa328 0xd6a98 0xd5098
GetProcAddress 0x0 0x1400aa330 0xd6aa0 0xd50a0
SetErrorMode 0x0 0x1400aa338 0xd6aa8 0xd50a8
GetModuleFileNameW 0x0 0x1400aa340 0xd6ab0 0xd50b0
WideCharToMultiByte 0x0 0x1400aa348 0xd6ab8 0xd50b8
lstrcpyW 0x0 0x1400aa350 0xd6ac0 0xd50c0
lstrlenW 0x0 0x1400aa358 0xd6ac8 0xd50c8
GetModuleHandleW 0x0 0x1400aa360 0xd6ad0 0xd50d0
QueryPerformanceCounter 0x0 0x1400aa368 0xd6ad8 0xd50d8
VirtualFreeEx 0x0 0x1400aa370 0xd6ae0 0xd50e0
OpenProcess 0x0 0x1400aa378 0xd6ae8 0xd50e8
VirtualAllocEx 0x0 0x1400aa380 0xd6af0 0xd50f0
WriteProcessMemory 0x0 0x1400aa388 0xd6af8 0xd50f8
ReadProcessMemory 0x0 0x1400aa390 0xd6b00 0xd5100
CreateFileW 0x0 0x1400aa398 0xd6b08 0xd5108
SetFilePointerEx 0x0 0x1400aa3a0 0xd6b10 0xd5110
SetEndOfFile 0x0 0x1400aa3a8 0xd6b18 0xd5118
ReadFile 0x0 0x1400aa3b0 0xd6b20 0xd5120
WriteFile 0x0 0x1400aa3b8 0xd6b28 0xd5128
FlushFileBuffers 0x0 0x1400aa3c0 0xd6b30 0xd5130
TerminateProcess 0x0 0x1400aa3c8 0xd6b38 0xd5138
CreateToolhelp32Snapshot 0x0 0x1400aa3d0 0xd6b40 0xd5140
Process32FirstW 0x0 0x1400aa3d8 0xd6b48 0xd5148
Process32NextW 0x0 0x1400aa3e0 0xd6b50 0xd5150
SetFileTime 0x0 0x1400aa3e8 0xd6b58 0xd5158
GetFileAttributesW 0x0 0x1400aa3f0 0xd6b60 0xd5160
FindFirstFileW 0x0 0x1400aa3f8 0xd6b68 0xd5168
FindClose 0x0 0x1400aa400 0xd6b70 0xd5170
GetLongPathNameW 0x0 0x1400aa408 0xd6b78 0xd5178
GetShortPathNameW 0x0 0x1400aa410 0xd6b80 0xd5180
CloseHandle 0x0 0x1400aa418 0xd6b88 0xd5188
FindNextFileW 0x0 0x1400aa420 0xd6b90 0xd5190
CopyFileExW 0x0 0x1400aa428 0xd6b98 0xd5198
MoveFileW 0x0 0x1400aa430 0xd6ba0 0xd51a0
CreateDirectoryW 0x0 0x1400aa438 0xd6ba8 0xd51a8
RemoveDirectoryW 0x0 0x1400aa440 0xd6bb0 0xd51b0
SetSystemPowerState 0x0 0x1400aa448 0xd6bb8 0xd51b8
QueryPerformanceFrequency 0x0 0x1400aa450 0xd6bc0 0xd51c0
FindResourceW 0x0 0x1400aa458 0xd6bc8 0xd51c8
LoadResource 0x0 0x1400aa460 0xd6bd0 0xd51d0
LockResource 0x0 0x1400aa468 0xd6bd8 0xd51d8
SizeofResource 0x0 0x1400aa470 0xd6be0 0xd51e0
EnumResourceNamesW 0x0 0x1400aa478 0xd6be8 0xd51e8
OutputDebugStringW 0x0 0x1400aa480 0xd6bf0 0xd51f0
GetTempPathW 0x0 0x1400aa488 0xd6bf8 0xd51f8
GetTempFileNameW 0x0 0x1400aa490 0xd6c00 0xd5200
DeviceIoControl 0x0 0x1400aa498 0xd6c08 0xd5208
GetLocalTime 0x0 0x1400aa4a0 0xd6c10 0xd5210
CompareStringW 0x0 0x1400aa4a8 0xd6c18 0xd5218
CreateThread 0x0 0x1400aa4b0 0xd6c20 0xd5220
LeaveCriticalSection 0x0 0x1400aa4b8 0xd6c28 0xd5228
GetStdHandle 0x0 0x1400aa4c0 0xd6c30 0xd5230
CreatePipe 0x0 0x1400aa4c8 0xd6c38 0xd5238
TerminateThread 0x0 0x1400aa4d0 0xd6c40 0xd5240
LoadLibraryExW 0x0 0x1400aa4d8 0xd6c48 0xd5248
FindResourceExW 0x0 0x1400aa4e0 0xd6c50 0xd5250
CopyFileW 0x0 0x1400aa4e8 0xd6c58 0xd5258
VirtualFree 0x0 0x1400aa4f0 0xd6c60 0xd5260
FormatMessageW 0x0 0x1400aa4f8 0xd6c68 0xd5268
GetExitCodeProcess 0x0 0x1400aa500 0xd6c70 0xd5270
GetPrivateProfileStringW 0x0 0x1400aa508 0xd6c78 0xd5278
WritePrivateProfileStringW 0x0 0x1400aa510 0xd6c80 0xd5280
GetPrivateProfileSectionW 0x0 0x1400aa518 0xd6c88 0xd5288
WritePrivateProfileSectionW 0x0 0x1400aa520 0xd6c90 0xd5290
GetPrivateProfileSectionNamesW 0x0 0x1400aa528 0xd6c98 0xd5298
FileTimeToLocalFileTime 0x0 0x1400aa530 0xd6ca0 0xd52a0
FileTimeToSystemTime 0x0 0x1400aa538 0xd6ca8 0xd52a8
SystemTimeToFileTime 0x0 0x1400aa540 0xd6cb0 0xd52b0
LocalFileTimeToFileTime 0x0 0x1400aa548 0xd6cb8 0xd52b8
GetDriveTypeW 0x0 0x1400aa550 0xd6cc0 0xd52c0
GetDiskFreeSpaceExW 0x0 0x1400aa558 0xd6cc8 0xd52c8
GetDiskFreeSpaceW 0x0 0x1400aa560 0xd6cd0 0xd52d0
GetVolumeInformationW 0x0 0x1400aa568 0xd6cd8 0xd52d8
SetVolumeLabelW 0x0 0x1400aa570 0xd6ce0 0xd52e0
CreateHardLinkW 0x0 0x1400aa578 0xd6ce8 0xd52e8
SetFileAttributesW 0x0 0x1400aa580 0xd6cf0 0xd52f0
CreateEventW 0x0 0x1400aa588 0xd6cf8 0xd52f8
SetEvent 0x0 0x1400aa590 0xd6d00 0xd5300
GetEnvironmentVariableW 0x0 0x1400aa598 0xd6d08 0xd5308
SetEnvironmentVariableW 0x0 0x1400aa5a0 0xd6d10 0xd5310
GlobalLock 0x0 0x1400aa5a8 0xd6d18 0xd5318
GlobalUnlock 0x0 0x1400aa5b0 0xd6d20 0xd5320
GlobalAlloc 0x0 0x1400aa5b8 0xd6d28 0xd5328
GetFileSize 0x0 0x1400aa5c0 0xd6d30 0xd5330
GlobalFree 0x0 0x1400aa5c8 0xd6d38 0xd5338
GlobalMemoryStatusEx 0x0 0x1400aa5d0 0xd6d40 0xd5340
Beep 0x0 0x1400aa5d8 0xd6d48 0xd5348
GetSystemDirectoryW 0x0 0x1400aa5e0 0xd6d50 0xd5350
HeapReAlloc 0x0 0x1400aa5e8 0xd6d58 0xd5358
HeapSize 0x0 0x1400aa5f0 0xd6d60 0xd5360
GetComputerNameW 0x0 0x1400aa5f8 0xd6d68 0xd5368
GetWindowsDirectoryW 0x0 0x1400aa600 0xd6d70 0xd5370
GetCurrentProcessId 0x0 0x1400aa608 0xd6d78 0xd5378
GetProcessIoCounters 0x0 0x1400aa610 0xd6d80 0xd5380
CreateProcessW 0x0 0x1400aa618 0xd6d88 0xd5388
GetProcessId 0x0 0x1400aa620 0xd6d90 0xd5390
SetPriorityClass 0x0 0x1400aa628 0xd6d98 0xd5398
LoadLibraryW 0x0 0x1400aa630 0xd6da0 0xd53a0
VirtualAlloc 0x0 0x1400aa638 0xd6da8 0xd53a8
GetFullPathNameW 0x0 0x1400aa640 0xd6db0 0xd53b0
SetCurrentDirectoryW 0x0 0x1400aa648 0xd6db8 0xd53b8
IsDebuggerPresent 0x0 0x1400aa650 0xd6dc0 0xd53c0
GetCurrentDirectoryW 0x0 0x1400aa658 0xd6dc8 0xd53c8
lstrcmpiW 0x0 0x1400aa660 0xd6dd0 0xd53d0
DecodePointer 0x0 0x1400aa668 0xd6dd8 0xd53d8
GetLastError 0x0 0x1400aa670 0xd6de0 0xd53e0
RaiseException 0x0 0x1400aa678 0xd6de8 0xd53e8
InitializeCriticalSectionAndSpinCount 0x0 0x1400aa680 0xd6df0 0xd53f0
DeleteCriticalSection 0x0 0x1400aa688 0xd6df8 0xd53f8
EncodePointer 0x0 0x1400aa690 0xd6e00 0xd5400
DuplicateHandle 0x0 0x1400aa698 0xd6e08 0xd5408
GetCurrentProcess 0x0 0x1400aa6a0 0xd6e10 0xd5410
EnterCriticalSection 0x0 0x1400aa6a8 0xd6e18 0xd5418
GetCurrentThread 0x0 0x1400aa6b0 0xd6e20 0xd5420
ExitProcess 0x0 0x1400aa6b8 0xd6e28 0xd5428
GetModuleHandleExW 0x0 0x1400aa6c0 0xd6e30 0xd5430
ExitThread 0x0 0x1400aa6c8 0xd6e38 0xd5438
GetSystemTimeAsFileTime 0x0 0x1400aa6d0 0xd6e40 0xd5440
ResumeThread 0x0 0x1400aa6d8 0xd6e48 0xd5448
GetCommandLineW 0x0 0x1400aa6e0 0xd6e50 0xd5450
IsProcessorFeaturePresent 0x0 0x1400aa6e8 0xd6e58 0xd5458
RtlPcToFileHeader 0x0 0x1400aa6f0 0xd6e60 0xd5460
RtlUnwindEx 0x0 0x1400aa6f8 0xd6e68 0xd5468
IsValidCodePage 0x0 0x1400aa700 0xd6e70 0xd5470
GetACP 0x0 0x1400aa708 0xd6e78 0xd5478
GetOEMCP 0x0 0x1400aa710 0xd6e80 0xd5480
GetCPInfo 0x0 0x1400aa718 0xd6e88 0xd5488
SetLastError 0x0 0x1400aa720 0xd6e90 0xd5490
RtlCaptureContext 0x0 0x1400aa728 0xd6e98 0xd5498
RtlLookupFunctionEntry 0x0 0x1400aa730 0xd6ea0 0xd54a0
RtlVirtualUnwind 0x0 0x1400aa738 0xd6ea8 0xd54a8
UnhandledExceptionFilter 0x0 0x1400aa740 0xd6eb0 0xd54b0
SetUnhandledExceptionFilter 0x0 0x1400aa748 0xd6eb8 0xd54b8
TlsAlloc 0x0 0x1400aa750 0xd6ec0 0xd54c0
TlsGetValue 0x0 0x1400aa758 0xd6ec8 0xd54c8
TlsSetValue 0x0 0x1400aa760 0xd6ed0 0xd54d0
TlsFree 0x0 0x1400aa768 0xd6ed8 0xd54d8
GetStartupInfoW 0x0 0x1400aa770 0xd6ee0 0xd54e0
GetStringTypeW 0x0 0x1400aa778 0xd6ee8 0xd54e8
SetStdHandle 0x0 0x1400aa780 0xd6ef0 0xd54f0
GetFileType 0x0 0x1400aa788 0xd6ef8 0xd54f8
GetConsoleCP 0x0 0x1400aa790 0xd6f00 0xd5500
GetConsoleMode 0x0 0x1400aa798 0xd6f08 0xd5508
ReadConsoleW 0x0 0x1400aa7a0 0xd6f10 0xd5510
GetTimeZoneInformation 0x0 0x1400aa7a8 0xd6f18 0xd5518
GetDateFormatW 0x0 0x1400aa7b0 0xd6f20 0xd5520
GetTimeFormatW 0x0 0x1400aa7b8 0xd6f28 0xd5528
LCMapStringW 0x0 0x1400aa7c0 0xd6f30 0xd5530
GetEnvironmentStringsW 0x0 0x1400aa7c8 0xd6f38 0xd5538
FreeEnvironmentStringsW 0x0 0x1400aa7d0 0xd6f40 0xd5540
WriteConsoleW 0x0 0x1400aa7d8 0xd6f48 0xd5548
DeleteFileW 0x0 0x1400aa7e0 0xd6f50 0xd5550
SetEnvironmentVariableA 0x0 0x1400aa7e8 0xd6f58 0xd5558
USER32.dll (162)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
RegisterHotKey 0x0 0x1400aa9a0 0xd7110 0xd5710
ClientToScreen 0x0 0x1400aa9a8 0xd7118 0xd5718
GetKeyboardLayoutNameW 0x0 0x1400aa9b0 0xd7120 0xd5720
IsCharAlphaW 0x0 0x1400aa9b8 0xd7128 0xd5728
IsCharAlphaNumericW 0x0 0x1400aa9c0 0xd7130 0xd5730
IsCharLowerW 0x0 0x1400aa9c8 0xd7138 0xd5738
IsCharUpperW 0x0 0x1400aa9d0 0xd7140 0xd5740
GetMenuStringW 0x0 0x1400aa9d8 0xd7148 0xd5748
GetSubMenu 0x0 0x1400aa9e0 0xd7150 0xd5750
GetCaretPos 0x0 0x1400aa9e8 0xd7158 0xd5758
IsZoomed 0x0 0x1400aa9f0 0xd7160 0xd5760
GetWindowLongW 0x0 0x1400aa9f8 0xd7168 0xd5768
MonitorFromPoint 0x0 0x1400aaa00 0xd7170 0xd5770
GetMonitorInfoW 0x0 0x1400aaa08 0xd7178 0xd5778
SetWindowLongW 0x0 0x1400aaa10 0xd7180 0xd5780
SetLayeredWindowAttributes 0x0 0x1400aaa18 0xd7188 0xd5788
FlashWindow 0x0 0x1400aaa20 0xd7190 0xd5790
GetClassLongPtrW 0x0 0x1400aaa28 0xd7198 0xd5798
TranslateAcceleratorW 0x0 0x1400aaa30 0xd71a0 0xd57a0
IsDialogMessageW 0x0 0x1400aaa38 0xd71a8 0xd57a8
GetSysColor 0x0 0x1400aaa40 0xd71b0 0xd57b0
InflateRect 0x0 0x1400aaa48 0xd71b8 0xd57b8
DrawFocusRect 0x0 0x1400aaa50 0xd71c0 0xd57c0
DrawTextW 0x0 0x1400aaa58 0xd71c8 0xd57c8
FrameRect 0x0 0x1400aaa60 0xd71d0 0xd57d0
DrawFrameControl 0x0 0x1400aaa68 0xd71d8 0xd57d8
FillRect 0x0 0x1400aaa70 0xd71e0 0xd57e0
PtInRect 0x0 0x1400aaa78 0xd71e8 0xd57e8
DestroyAcceleratorTable 0x0 0x1400aaa80 0xd71f0 0xd57f0
CreateAcceleratorTableW 0x0 0x1400aaa88 0xd71f8 0xd57f8
SetCursor 0x0 0x1400aaa90 0xd7200 0xd5800
GetWindowDC 0x0 0x1400aaa98 0xd7208 0xd5808
GetSystemMetrics 0x0 0x1400aaaa0 0xd7210 0xd5810
SetWindowLongPtrW 0x0 0x1400aaaa8 0xd7218 0xd5818
GetActiveWindow 0x0 0x1400aaab0 0xd7220 0xd5820
CharNextW 0x0 0x1400aaab8 0xd7228 0xd5828
wsprintfW 0x0 0x1400aaac0 0xd7230 0xd5830
RedrawWindow 0x0 0x1400aaac8 0xd7238 0xd5838
DrawMenuBar 0x0 0x1400aaad0 0xd7240 0xd5840
DestroyMenu 0x0 0x1400aaad8 0xd7248 0xd5848
SetMenu 0x0 0x1400aaae0 0xd7250 0xd5850
GetWindowTextLengthW 0x0 0x1400aaae8 0xd7258 0xd5858
CreateMenu 0x0 0x1400aaaf0 0xd7260 0xd5860
IsDlgButtonChecked 0x0 0x1400aaaf8 0xd7268 0xd5868
DefDlgProcW 0x0 0x1400aab00 0xd7270 0xd5870
CallWindowProcW 0x0 0x1400aab08 0xd7278 0xd5878
ReleaseCapture 0x0 0x1400aab10 0xd7280 0xd5880
SetCapture 0x0 0x1400aab18 0xd7288 0xd5888
UnregisterHotKey 0x0 0x1400aab20 0xd7290 0xd5890
CharLowerBuffW 0x0 0x1400aab28 0xd7298 0xd5898
MonitorFromRect 0x0 0x1400aab30 0xd72a0 0xd58a0
LoadImageW 0x0 0x1400aab38 0xd72a8 0xd58a8
CreateIconFromResourceEx 0x0 0x1400aab40 0xd72b0 0xd58b0
mouse_event 0x0 0x1400aab48 0xd72b8 0xd58b8
ExitWindowsEx 0x0 0x1400aab50 0xd72c0 0xd58c0
SetActiveWindow 0x0 0x1400aab58 0xd72c8 0xd58c8
FindWindowExW 0x0 0x1400aab60 0xd72d0 0xd58d0
EnumThreadWindows 0x0 0x1400aab68 0xd72d8 0xd58d8
SetMenuDefaultItem 0x0 0x1400aab70 0xd72e0 0xd58e0
InsertMenuItemW 0x0 0x1400aab78 0xd72e8 0xd58e8
IsMenu 0x0 0x1400aab80 0xd72f0 0xd58f0
GetCursorInfo 0x0 0x1400aab88 0xd72f8 0xd58f8
GetCursorPos 0x0 0x1400aab90 0xd7300 0xd5900
DeleteMenu 0x0 0x1400aab98 0xd7308 0xd5908
CheckMenuRadioItem 0x0 0x1400aaba0 0xd7310 0xd5910
GetMenuItemID 0x0 0x1400aaba8 0xd7318 0xd5918
GetMenuItemCount 0x0 0x1400aabb0 0xd7320 0xd5920
SetMenuItemInfoW 0x0 0x1400aabb8 0xd7328 0xd5928
GetMenuItemInfoW 0x0 0x1400aabc0 0xd7330 0xd5930
SetForegroundWindow 0x0 0x1400aabc8 0xd7338 0xd5938
IsIconic 0x0 0x1400aabd0 0xd7340 0xd5940
TranslateMessage 0x0 0x1400aabd8 0xd7348 0xd5948
SystemParametersInfoW 0x0 0x1400aabe0 0xd7350 0xd5950
keybd_event 0x0 0x1400aabe8 0xd7358 0xd5958
SendInput 0x0 0x1400aabf0 0xd7360 0xd5960
GetAsyncKeyState 0x0 0x1400aabf8 0xd7368 0xd5968
SetKeyboardState 0x0 0x1400aac00 0xd7370 0xd5970
GetKeyboardState 0x0 0x1400aac08 0xd7378 0xd5978
GetKeyState 0x0 0x1400aac10 0xd7380 0xd5980
VkKeyScanW 0x0 0x1400aac18 0xd7388 0xd5988
LoadStringW 0x0 0x1400aac20 0xd7390 0xd5990
DialogBoxParamW 0x0 0x1400aac28 0xd7398 0xd5998
MessageBeep 0x0 0x1400aac30 0xd73a0 0xd59a0
EndDialog 0x0 0x1400aac38 0xd73a8 0xd59a8
SendDlgItemMessageW 0x0 0x1400aac40 0xd73b0 0xd59b0
GetDlgItem 0x0 0x1400aac48 0xd73b8 0xd59b8
SetWindowTextW 0x0 0x1400aac50 0xd73c0 0xd59c0
CopyRect 0x0 0x1400aac58 0xd73c8 0xd59c8
ReleaseDC 0x0 0x1400aac60 0xd73d0 0xd59d0
GetDC 0x0 0x1400aac68 0xd73d8 0xd59d8
EndPaint 0x0 0x1400aac70 0xd73e0 0xd59e0
BeginPaint 0x0 0x1400aac78 0xd73e8 0xd59e8
GetClientRect 0x0 0x1400aac80 0xd73f0 0xd59f0
GetMenu 0x0 0x1400aac88 0xd73f8 0xd59f8
DestroyWindow 0x0 0x1400aac90 0xd7400 0xd5a00
EnumWindows 0x0 0x1400aac98 0xd7408 0xd5a08
GetDesktopWindow 0x0 0x1400aaca0 0xd7410 0xd5a10
IsWindow 0x0 0x1400aaca8 0xd7418 0xd5a18
IsWindowEnabled 0x0 0x1400aacb0 0xd7420 0xd5a20
IsWindowVisible 0x0 0x1400aacb8 0xd7428 0xd5a28
EnableWindow 0x0 0x1400aacc0 0xd7430 0xd5a30
InvalidateRect 0x0 0x1400aacc8 0xd7438 0xd5a38
GetWindowLongPtrW 0x0 0x1400aacd0 0xd7440 0xd5a40
GetWindowThreadProcessId 0x0 0x1400aacd8 0xd7448 0xd5a48
AttachThreadInput 0x0 0x1400aace0 0xd7450 0xd5a50
GetFocus 0x0 0x1400aace8 0xd7458 0xd5a58
GetWindowTextW 0x0 0x1400aacf0 0xd7460 0xd5a60
SendMessageTimeoutW 0x0 0x1400aacf8 0xd7468 0xd5a68
EnumChildWindows 0x0 0x1400aad00 0xd7470 0xd5a70
CharUpperBuffW 0x0 0x1400aad08 0xd7478 0xd5a78
GetClassNameW 0x0 0x1400aad10 0xd7480 0xd5a80
GetParent 0x0 0x1400aad18 0xd7488 0xd5a88
GetDlgCtrlID 0x0 0x1400aad20 0xd7490 0xd5a90
SendMessageW 0x0 0x1400aad28 0xd7498 0xd5a98
MapVirtualKeyW 0x0 0x1400aad30 0xd74a0 0xd5aa0
PostMessageW 0x0 0x1400aad38 0xd74a8 0xd5aa8
GetWindowRect 0x0 0x1400aad40 0xd74b0 0xd5ab0
SetUserObjectSecurity 0x0 0x1400aad48 0xd74b8 0xd5ab8
CloseDesktop 0x0 0x1400aad50 0xd74c0 0xd5ac0
CloseWindowStation 0x0 0x1400aad58 0xd74c8 0xd5ac8
OpenDesktopW 0x0 0x1400aad60 0xd74d0 0xd5ad0
SetProcessWindowStation 0x0 0x1400aad68 0xd74d8 0xd5ad8
GetProcessWindowStation 0x0 0x1400aad70 0xd74e0 0xd5ae0
SetWindowPos 0x0 0x1400aad78 0xd74e8 0xd5ae8
CopyImage 0x0 0x1400aad80 0xd74f0 0xd5af0
AdjustWindowRectEx 0x0 0x1400aad88 0xd74f8 0xd5af8
SetRect 0x0 0x1400aad90 0xd7500 0xd5b00
SetClipboardData 0x0 0x1400aad98 0xd7508 0xd5b08
EmptyClipboard 0x0 0x1400aada0 0xd7510 0xd5b10
CountClipboardFormats 0x0 0x1400aada8 0xd7518 0xd5b18
CloseClipboard 0x0 0x1400aadb0 0xd7520 0xd5b20
GetClipboardData 0x0 0x1400aadb8 0xd7528 0xd5b28
IsClipboardFormatAvailable 0x0 0x1400aadc0 0xd7530 0xd5b30
OpenClipboard 0x0 0x1400aadc8 0xd7538 0xd5b38
BlockInput 0x0 0x1400aadd0 0xd7540 0xd5b40
GetMessageW 0x0 0x1400aadd8 0xd7548 0xd5b48
LockWindowUpdate 0x0 0x1400aade0 0xd7550 0xd5b50
TrackPopupMenuEx 0x0 0x1400aade8 0xd7558 0xd5b58
DispatchMessageW 0x0 0x1400aadf0 0xd7560 0xd5b60
OpenWindowStationW 0x0 0x1400aadf8 0xd7568 0xd5b68
GetUserObjectSecurity 0x0 0x1400aae00 0xd7570 0xd5b70
MessageBoxW 0x0 0x1400aae08 0xd7578 0xd5b78
DefWindowProcW 0x0 0x1400aae10 0xd7580 0xd5b80
MoveWindow 0x0 0x1400aae18 0xd7588 0xd5b88
SetFocus 0x0 0x1400aae20 0xd7590 0xd5b90
PostQuitMessage 0x0 0x1400aae28 0xd7598 0xd5b98
KillTimer 0x0 0x1400aae30 0xd75a0 0xd5ba0
CreatePopupMenu 0x0 0x1400aae38 0xd75a8 0xd5ba8
RegisterWindowMessageW 0x0 0x1400aae40 0xd75b0 0xd5bb0
SetTimer 0x0 0x1400aae48 0xd75b8 0xd5bb8
ShowWindow 0x0 0x1400aae50 0xd75c0 0xd5bc0
CreateWindowExW 0x0 0x1400aae58 0xd75c8 0xd5bc8
RegisterClassExW 0x0 0x1400aae60 0xd75d0 0xd5bd0
LoadIconW 0x0 0x1400aae68 0xd75d8 0xd5bd8
LoadCursorW 0x0 0x1400aae70 0xd75e0 0xd5be0
GetSysColorBrush 0x0 0x1400aae78 0xd75e8 0xd5be8
GetForegroundWindow 0x0 0x1400aae80 0xd75f0 0xd5bf0
MessageBoxA 0x0 0x1400aae88 0xd75f8 0xd5bf8
DestroyIcon 0x0 0x1400aae90 0xd7600 0xd5c00
FindWindowW 0x0 0x1400aae98 0xd7608 0xd5c08
PeekMessageW 0x0 0x1400aaea0 0xd7610 0xd5c10
ScreenToClient 0x0 0x1400aaea8 0xd7618 0xd5c18
GDI32.dll (35)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
StrokePath 0x0 0x1400aa188 0xd68f8 0xd4ef8
DeleteObject 0x0 0x1400aa190 0xd6900 0xd4f00
GetTextExtentPoint32W 0x0 0x1400aa198 0xd6908 0xd4f08
ExtCreatePen 0x0 0x1400aa1a0 0xd6910 0xd4f10
GetDeviceCaps 0x0 0x1400aa1a8 0xd6918 0xd4f18
EndPath 0x0 0x1400aa1b0 0xd6920 0xd4f20
SetPixel 0x0 0x1400aa1b8 0xd6928 0xd4f28
CloseFigure 0x0 0x1400aa1c0 0xd6930 0xd4f30
LineTo 0x0 0x1400aa1c8 0xd6938 0xd4f38
AngleArc 0x0 0x1400aa1d0 0xd6940 0xd4f40
MoveToEx 0x0 0x1400aa1d8 0xd6948 0xd4f48
CreateCompatibleBitmap 0x0 0x1400aa1e0 0xd6950 0xd4f50
CreateCompatibleDC 0x0 0x1400aa1e8 0xd6958 0xd4f58
Ellipse 0x0 0x1400aa1f0 0xd6960 0xd4f60
PolyDraw 0x0 0x1400aa1f8 0xd6968 0xd4f68
BeginPath 0x0 0x1400aa200 0xd6970 0xd4f70
Rectangle 0x0 0x1400aa208 0xd6978 0xd4f78
SetViewportOrgEx 0x0 0x1400aa210 0xd6980 0xd4f80
SelectObject 0x0 0x1400aa218 0xd6988 0xd4f88
StretchBlt 0x0 0x1400aa220 0xd6990 0xd4f90
GetDIBits 0x0 0x1400aa228 0xd6998 0xd4f98
DeleteDC 0x0 0x1400aa230 0xd69a0 0xd4fa0
GetPixel 0x0 0x1400aa238 0xd69a8 0xd4fa8
CreateDCW 0x0 0x1400aa240 0xd69b0 0xd4fb0
GetObjectW 0x0 0x1400aa248 0xd69b8 0xd4fb8
SetBkMode 0x0 0x1400aa250 0xd69c0 0xd4fc0
RoundRect 0x0 0x1400aa258 0xd69c8 0xd4fc8
SetBkColor 0x0 0x1400aa260 0xd69d0 0xd4fd0
CreatePen 0x0 0x1400aa268 0xd69d8 0xd4fd8
CreateSolidBrush 0x0 0x1400aa270 0xd69e0 0xd4fe0
SetTextColor 0x0 0x1400aa278 0xd69e8 0xd4fe8
CreateFontW 0x0 0x1400aa280 0xd69f0 0xd4ff0
GetTextFaceW 0x0 0x1400aa288 0xd69f8 0xd4ff8
GetStockObject 0x0 0x1400aa290 0xd6a00 0xd5000
StrokeAndFillPath 0x0 0x1400aa298 0xd6a08 0xd5008
COMDLG32.dll (2)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
GetOpenFileNameW 0x0 0x1400aa170 0xd68e0 0xd4ee0
GetSaveFileNameW 0x0 0x1400aa178 0xd68e8 0xd4ee8
ADVAPI32.dll (33)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
GetAce 0x0 0x1400aa000 0xd6770 0xd4d70
RegEnumValueW 0x0 0x1400aa008 0xd6778 0xd4d78
RegDeleteValueW 0x0 0x1400aa010 0xd6780 0xd4d80
RegDeleteKeyW 0x0 0x1400aa018 0xd6788 0xd4d88
RegEnumKeyExW 0x0 0x1400aa020 0xd6790 0xd4d90
RegSetValueExW 0x0 0x1400aa028 0xd6798 0xd4d98
RegOpenKeyExW 0x0 0x1400aa030 0xd67a0 0xd4da0
RegCloseKey 0x0 0x1400aa038 0xd67a8 0xd4da8
RegQueryValueExW 0x0 0x1400aa040 0xd67b0 0xd4db0
RegConnectRegistryW 0x0 0x1400aa048 0xd67b8 0xd4db8
InitializeSecurityDescriptor 0x0 0x1400aa050 0xd67c0 0xd4dc0
InitializeAcl 0x0 0x1400aa058 0xd67c8 0xd4dc8
AdjustTokenPrivileges 0x0 0x1400aa060 0xd67d0 0xd4dd0
OpenThreadToken 0x0 0x1400aa068 0xd67d8 0xd4dd8
OpenProcessToken 0x0 0x1400aa070 0xd67e0 0xd4de0
LookupPrivilegeValueW 0x0 0x1400aa078 0xd67e8 0xd4de8
DuplicateTokenEx 0x0 0x1400aa080 0xd67f0 0xd4df0
CreateProcessAsUserW 0x0 0x1400aa088 0xd67f8 0xd4df8
CreateProcessWithLogonW 0x0 0x1400aa090 0xd6800 0xd4e00
GetLengthSid 0x0 0x1400aa098 0xd6808 0xd4e08
CopySid 0x0 0x1400aa0a0 0xd6810 0xd4e10
LogonUserW 0x0 0x1400aa0a8 0xd6818 0xd4e18
AllocateAndInitializeSid 0x0 0x1400aa0b0 0xd6820 0xd4e20
CheckTokenMembership 0x0 0x1400aa0b8 0xd6828 0xd4e28
RegCreateKeyExW 0x0 0x1400aa0c0 0xd6830 0xd4e30
FreeSid 0x0 0x1400aa0c8 0xd6838 0xd4e38
GetTokenInformation 0x0 0x1400aa0d0 0xd6840 0xd4e40
GetSecurityDescriptorDacl 0x0 0x1400aa0d8 0xd6848 0xd4e48
GetAclInformation 0x0 0x1400aa0e0 0xd6850 0xd4e50
AddAce 0x0 0x1400aa0e8 0xd6858 0xd4e58
SetSecurityDescriptorDacl 0x0 0x1400aa0f0 0xd6860 0xd4e60
GetUserNameW 0x0 0x1400aa0f8 0xd6868 0xd4e68
InitiateSystemShutdownExW 0x0 0x1400aa100 0xd6870 0xd4e70
SHELL32.dll (15)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
DragQueryPoint 0x0 0x1400aa920 0xd7090 0xd5690
ShellExecuteExW 0x0 0x1400aa928 0xd7098 0xd5698
DragQueryFileW 0x0 0x1400aa930 0xd70a0 0xd56a0
SHEmptyRecycleBinW 0x0 0x1400aa938 0xd70a8 0xd56a8
SHGetPathFromIDListW 0x0 0x1400aa940 0xd70b0 0xd56b0
SHBrowseForFolderW 0x0 0x1400aa948 0xd70b8 0xd56b8
SHCreateShellItem 0x0 0x1400aa950 0xd70c0 0xd56c0
SHGetDesktopFolder 0x0 0x1400aa958 0xd70c8 0xd56c8
SHGetSpecialFolderLocation 0x0 0x1400aa960 0xd70d0 0xd56d0
SHGetFolderPathW 0x0 0x1400aa968 0xd70d8 0xd56d8
SHFileOperationW 0x0 0x1400aa970 0xd70e0 0xd56e0
ExtractIconExW 0x0 0x1400aa978 0xd70e8 0xd56e8
Shell_NotifyIconW 0x0 0x1400aa980 0xd70f0 0xd56f0
ShellExecuteW 0x0 0x1400aa988 0xd70f8 0xd56f8
DragFinish 0x0 0x1400aa990 0xd7100 0xd5700
ole32.dll (22)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
CoTaskMemAlloc 0x0 0x1400ab068 0xd77d8 0xd5dd8
CoTaskMemFree 0x0 0x1400ab070 0xd77e0 0xd5de0
CLSIDFromString 0x0 0x1400ab078 0xd77e8 0xd5de8
ProgIDFromCLSID 0x0 0x1400ab080 0xd77f0 0xd5df0
CLSIDFromProgID 0x0 0x1400ab088 0xd77f8 0xd5df8
OleSetMenuDescriptor 0x0 0x1400ab090 0xd7800 0xd5e00
MkParseDisplayName 0x0 0x1400ab098 0xd7808 0xd5e08
OleSetContainedObject 0x0 0x1400ab0a0 0xd7810 0xd5e10
CoCreateInstance 0x0 0x1400ab0a8 0xd7818 0xd5e18
IIDFromString 0x0 0x1400ab0b0 0xd7820 0xd5e20
StringFromGUID2 0x0 0x1400ab0b8 0xd7828 0xd5e28
CreateStreamOnHGlobal 0x0 0x1400ab0c0 0xd7830 0xd5e30
OleInitialize 0x0 0x1400ab0c8 0xd7838 0xd5e38
OleUninitialize 0x0 0x1400ab0d0 0xd7840 0xd5e40
CoInitialize 0x0 0x1400ab0d8 0xd7848 0xd5e48
CoUninitialize 0x0 0x1400ab0e0 0xd7850 0xd5e50
GetRunningObjectTable 0x0 0x1400ab0e8 0xd7858 0xd5e58
CoGetInstanceFromFile 0x0 0x1400ab0f0 0xd7860 0xd5e60
CoGetObject 0x0 0x1400ab0f8 0xd7868 0xd5e68
CoInitializeSecurity 0x0 0x1400ab100 0xd7870 0xd5e70
CoCreateInstanceEx 0x0 0x1400ab108 0xd7878 0xd5e78
CoSetProxyBlanket 0x0 0x1400ab110 0xd7880 0xd5e80
OLEAUT32.dll (29)
+
API Name Ordinal IAT Address Thunk RVA Thunk Offset
UnRegisterTypeLib 186 0x1400aa820 0xd6f90 0xd5590
UnRegisterTypeLibForUser 443 0x1400aa828 0xd6f98 0xd5598
RegisterTypeLibForUser 442 0x1400aa830 0xd6fa0 0xd55a0
RegisterTypeLib 163 0x1400aa838 0xd6fa8 0xd55a8
LoadTypeLibEx 183 0x1400aa840 0xd6fb0 0xd55b0
VariantCopyInd 11 0x1400aa848 0xd6fb8 0xd55b8
SysReAllocString 3 0x1400aa850 0xd6fc0 0xd55c0
SysFreeString 6 0x1400aa858 0xd6fc8 0xd55c8
SafeArrayDestroyDescriptor 38 0x1400aa860 0xd6fd0 0xd55d0
SafeArrayDestroyData 39 0x1400aa868 0xd6fd8 0xd55d8
SafeArrayUnaccessData 24 0x1400aa870 0xd6fe0 0xd55e0
CreateDispTypeInfo 31 0x1400aa878 0xd6fe8 0xd55e8
SafeArrayAllocData 37 0x1400aa880 0xd6ff0 0xd55f0
SafeArrayAllocDescriptorEx 41 0x1400aa888 0xd6ff8 0xd55f8
SafeArrayCreateVector 411 0x1400aa890 0xd7000 0xd5600
SysAllocString 2 0x1400aa898 0xd7008 0xd5608
VariantTimeToSystemTime 185 0x1400aa8a0 0xd7010 0xd5610
VarR8FromDec 220 0x1400aa8a8 0xd7018 0xd5618
SafeArrayGetVartype 77 0x1400aa8b0 0xd7020 0xd5620
OleLoadPicture 418 0x1400aa8b8 0xd7028 0xd5628
QueryPathOfRegTypeLib 164 0x1400aa8c0 0xd7030 0xd5630
VariantCopy 10 0x1400aa8c8 0xd7038 0xd5638
VariantClear 9 0x1400aa8d0 0xd7040 0xd5640
CreateStdDispatch 32 0x1400aa8d8 0xd7048 0xd5648
DispCallFunc 146 0x1400aa8e0 0xd7050 0xd5650
VariantChangeType 12 0x1400aa8e8 0xd7058 0xd5658
SysStringLen 7 0x1400aa8f0 0xd7060 0xd5660
SafeArrayAccessData 23 0x1400aa8f8 0xd7068 0xd5668
VariantInit 8 0x1400aa900 0xd7070 0xd5670
Icons (4)
+
Icon Icon Icon Icon
c:\progra~1\common~1\wanacry6.malware.exe, ...
-
File Properties
Names c:\progra~1\common~1\wanacry6.malware.exe (Created File)
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\inetcookies\mq6x6yzs.txt (Created File)
c:\windows\system32\wbem\repository\writable.tst (Created File)
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaph4da[2].jpg (Created File)
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaph4da[3].jpg (Created File)
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaphss5[1].jpg (Created File)
c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{cb4dd493-4d29-43d0-9097-3e1fdad4e75f}\snapshot.etl (Created File)
c:\windows\system32\wdi\logfiles\startupinfo\s-1-5-21-3643094112-4209292109-138530109-1001_startupinfo1.xml (Created File)
Size 0.00 KB (0 bytes)
Hash Values MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
c:\users\5jghkoaofdp\desktop\-kar\g_kf.encrypted.mp3
-
File Properties
Names c:\users\5jghkoaofdp\desktop\-kar\g_kf.encrypted.mp3 (Created File)
Size 65.02 KB (66576 bytes)
Hash Values MD5: b79e63555e23b2edc0e00c32a4fa0884
SHA1: f95d612fba79eae8bfc1d1fdee957cd12534acee
SHA256: 57d1b0bdf7f65da952686fdfa495272005fc07c3c1580ee2e6d2b90b640c0639
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.05 KB (54 bytes)
Hash Values MD5: 2605c07ccc62b24d2b318ca3a5718e24
SHA1: 2125d239b98eb975eb7d8f7fe6684d7051b9d704
SHA256: 23c0459b4ce51d5a150c875212bdbfbfcf7f77fb7aa8946272751b5450c1dbce
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.12 KB (118 bytes)
Hash Values MD5: dcd8231c5708b77a71552516c086bacd
SHA1: 050df9bde375c6bed2e22de6dd304d5734296028
SHA256: 7d4fae95023e8ad8e5f6b1690d25e4505abda815c798f34bc0aae13f1b5b270b
Actions
c:\users\5jghkoaofdp\desktop\-kar\mbc0rw8uo_of3f5.encrypted.wav
-
File Properties
Names c:\users\5jghkoaofdp\desktop\-kar\mbc0rw8uo_of3f5.encrypted.wav (Created File)
Size 78.33 KB (80208 bytes)
Hash Values MD5: 2e958962673a31fd916c7cca5ba74d68
SHA1: 0c0cd7f94849a45609df2950f31065fbf73645fa
SHA256: 709c7d125d92a8dcfcffb0def0aa88ba170418d6c00cce93575c7d388bbb4a46
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.23 KB (238 bytes)
Hash Values MD5: 3c69abc1c1d32b44f0a05e221065de32
SHA1: 17224d3bd08f7c6162cab8b907c9cb090d164b23
SHA256: aa725385f407bf66734067e03fb3c4b62b6a6b9965db743ff3439627a4cb8596
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.30 KB (304 bytes)
Hash Values MD5: ec9cdc85265a813d40091057a9e151ac
SHA1: 60c88ed3cb18c4030987f3da11a65cf5c719b6b9
SHA256: 0e5826ed57a3212d0532558facebf9274cc60ce3e775eda765cb3f3915454d09
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.36 KB (366 bytes)
Hash Values MD5: 9e88600f4909ba28158a9657d7c50fb3
SHA1: 11433d1d80cd3e4ac30338327b2468ce439905cb
SHA256: 25848ce0fab2d16de19d92908e826840abc100ae530261d6dec65f577aadc8ee
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.42 KB (426 bytes)
Hash Values MD5: 4e936c112af90042cc1ac64c462279f2
SHA1: b7467bd7ae3c4e32afc1a2e6323bddc3b12b5597
SHA256: b40887b6c1d0df7ed24f0a43f3cd6da49427e4ce22ba313c127015ccf661cc61
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.46 KB (476 bytes)
Hash Values MD5: 1dc9409637f3ad57590d6c2ee4b1e322
SHA1: 29ebdd8403694f539a5d7f40994835bb8fa07ad0
SHA256: a28a4260cee9dd75c9402c4942ffe27f904464f7841520b2691ce638e612f7f6
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.57 KB (584 bytes)
Hash Values MD5: 31e807e0cfdd0c81addb0f7f604b828b
SHA1: cf6d6b32a78e0df14154cd7e0d1d8d30794f6701
SHA256: 97a4ce59ad4b4f9d115c428cb723e897275a6b75a09b03e99c9c5a47ad47caa3
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.63 KB (644 bytes)
Hash Values MD5: 024c0ea4b1cbe06a4b652510ca8f4b7b
SHA1: d70029ff311627ac4f36e7685529cdc921cdde85
SHA256: d918748e6ad804260d549073b473e028d2a5a7dfe089ca305b5fb36f076bdf13
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.68 KB (701 bytes)
Hash Values MD5: de4394c49070917a7e3cc501e6c79447
SHA1: 6c99c2609bffafafc3d33b800d2fd834eab06f00
SHA256: 5f13a0cf63e3c6a183748c4a23edaf50401680fa05c6ae36c2548df5c8f7de0f
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.74 KB (755 bytes)
Hash Values MD5: 5daefda60930406262eb476c99982732
SHA1: b76bcf7d18d7531188b219eb53a81b856c8db18b
SHA256: 6be8fff890b4eabf022b54a3fe03879a77ad8476dd25e053edaf8d10b658f0be
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.81 KB (828 bytes)
Hash Values MD5: f8b39ab63e6bfe8065811387fff8a7f7
SHA1: 12b6a521e19da9f76ae4c4788484b53072774dea
SHA256: f4528a6f53ee4f7c58c7e5c19f307bcadc9b42f63eb5691196185bd8cdfd6cfb
Actions
c:\users\5jghkoaofdp\desktop\fmgvztmzkdkwm\a7bot.encrypted.m4a
-
File Properties
Names c:\users\5jghkoaofdp\desktop\fmgvztmzkdkwm\a7bot.encrypted.m4a (Created File)
Size 23.92 KB (24496 bytes)
Hash Values MD5: 2101bf89a5552dcb03eb124768d0e442
SHA1: 7cd777faf79bcb117df6f22d7222f5d3e9865d65
SHA256: 4c42cfd7677e7031389302fc0ea5de3eb28c35ec6fb056ede2a516200113f851
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 0.94 KB (965 bytes)
Hash Values MD5: 2ae680597d6f96bf157ed16d90b65ceb
SHA1: a86be68244b2c83a4b196ec64456845a2c725779
SHA256: 323dbcdb1c3ed2c1ed5a6a96117d76952168797f2559be85b0e54c6f4ea73e82
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.00 KB (1028 bytes)
Hash Values MD5: 49cdcdfb60f2fb1320196a8427fd7e4d
SHA1: 96843f05c89fb7d219d4fa872972586ff45e84db
SHA256: 3d2326f54ee7f713944aeddeab6b2788c26d4123ba199ff158ead824d648a511
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.08 KB (1102 bytes)
Hash Values MD5: 95f23e73ea3985bea024f3869ca28c1c
SHA1: 97da0099f25b9e44ad99f79305cc82c14f59b3e1
SHA256: 62e71b0a44ff501aa76d85fd748a037d4d34de7bfa4beff2371b85049d81d39f
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.14 KB (1169 bytes)
Hash Values MD5: bbc8f183ae7fa98185ad381b19133e5d
SHA1: 022ba1ce640b49d658093ca25fd78ddf16a030f2
SHA256: cce9b9846a8709ac71cb2e9114a0b7c0b20e6c753b1c17b20b7bcc467cac2171
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.21 KB (1243 bytes)
Hash Values MD5: 124953d40d7d62f76364083eb022f5b9
SHA1: 4860cc10c69ba8e7c4e6414d12a019ca3e0bfa20
SHA256: fcce2b2208e0090fb7e511d8f9e83fbcc04eaa2c060c28b73939afd39ca8c986
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.28 KB (1307 bytes)
Hash Values MD5: 17e0f915c2b53cac18d2271dd343f3fe
SHA1: fa5be909291b3eda76790991b1deaf082e898e25
SHA256: 898fce9f2ff65e9fe488318655a8465cfb9937251d6ba56a6198a1a44ffe4d0b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.34 KB (1368 bytes)
Hash Values MD5: e95aecd8700cf5c7685f7aa3ccdbc5c8
SHA1: 4a9a7d8dafdd993924ecaf94e738efda75ddba68
SHA256: 30d6623b6d05b8f30be75714d2ed3da0712eda178ed1f08e293046734c9a90f9
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.39 KB (1425 bytes)
Hash Values MD5: c5ee8a849041227305b2a531102e841d
SHA1: 544d5b76afb6df0c5c0d49e4ba0e03446abca91a
SHA256: e77cf3f5658958bbcd6e6384888e9c26b2b1b2189bd9c8c12adc7792abe141e7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.45 KB (1487 bytes)
Hash Values MD5: 8d233bd45f5a2c67dc9e17ab1512ab43
SHA1: e13e688cd06c50c33f9f127789f0f441a6749b85
SHA256: 47f82639110ff5c772ba4cf0ca0c9efcc0d442c6483fd83e985f7190bc271b04
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.50 KB (1539 bytes)
Hash Values MD5: 23fc87dc2318158ec4f6252134214af1
SHA1: 3ca3b63282cbaceb0177887856b64c3af5e7b28a
SHA256: 341d76246e87b0a1a42090b195c331825a2c260827a15a8dc9434e4308152f0b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.56 KB (1594 bytes)
Hash Values MD5: 2c0954a9b82019640f94f0ccff4d8074
SHA1: 6b6a225585fe305641723e210e382e3cad772c70
SHA256: 0efa3e2b045d2028b0540203d9390a812d3566f3cb12589b7f15ced2ac2fdf61
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.62 KB (1658 bytes)
Hash Values MD5: ef6bf9d25aa4b9adbd5a8d5add95ba9e
SHA1: a4f5581cf4777a804d069bd2ef3de36313ee4393
SHA256: cab588d39661f49485401b77e9ab34331c792ff5c26ebda0d5a60dd859f6c9bc
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.68 KB (1720 bytes)
Hash Values MD5: 77b73620de44959ffc6d55423e6250c8
SHA1: bb79b241fb4c922efdacea9bbdc1c4ffcd9ccbd9
SHA256: b3e957ef418b439a5a117a5c06901dee468a8d524ac9245e9804f240ceff032d
Actions
c:\users\5jghkoaofdp\desktop\m2gzlacpzqejs2kmo8d.encrypted.pps
-
File Properties
Names c:\users\5jghkoaofdp\desktop\m2gzlacpzqejs2kmo8d.encrypted.pps (Created File)
Size 71.98 KB (73712 bytes)
Hash Values MD5: ef0c63672acbc5cae3ffc517fef1c569
SHA1: c126369f546d50277d7435ffe7ac41597a62bcd7
SHA256: 0928a4f497025c3cea9b653ef30b21c661e533b913a9d7601be8802733a632fb
Actions
c:\users\5jghkoaofdp\desktop\n0ie6v_g.encrypted.avi
-
File Properties
Names c:\users\5jghkoaofdp\desktop\n0ie6v_g.encrypted.avi (Created File)
Size 12.38 KB (12672 bytes)
Hash Values MD5: d54ab970520126076248ec39cae01a6c
SHA1: 5fa715bc50a9c3b3ae121b47b007860592fe3ed9
SHA256: 39c67a2966d099967c245ca997ba0ddd70ef68c0a7b397754822d61ca30e5859
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.85 KB (1897 bytes)
Hash Values MD5: 39689aefd0dfe98110c96897f96a392f
SHA1: 6f633b23f5a7ee99c27e77282b442b917c75bffd
SHA256: 07795dd2af69189b6b676f53ff851736888593c69d3259777c8000e777495c19
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.90 KB (1949 bytes)
Hash Values MD5: dc49d728db8314f85416e38ab819f6fc
SHA1: f4174b597f5465c38f1c6028eeb3512fb963badc
SHA256: aee03b48a4d0635374626a05ae2726624c391c2e7cd70c001d640b27d52d5f96
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 1.95 KB (1999 bytes)
Hash Values MD5: 8c8060f05618889dd3e44c212bfe8dfc
SHA1: 8854c4f20b0309f81f6350d9ff2ebfda24fb0f50
SHA256: 29a669f9bd80531ec99005a65f48cd5bfd6157a7173156a217bd419564519e47
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.06 KB (2114 bytes)
Hash Values MD5: 81018519266ab48dab0fb03762365e58
SHA1: 2a6bae0cee5982a9561513a19efb55a30b478631
SHA256: 739be898a888a3d1966cb6b55c45494da1c4d90445db375d752a3c69819aab5c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.11 KB (2163 bytes)
Hash Values MD5: ede7e02b395d3962e1fd1f158ec9dee9
SHA1: 7bed096bb9ecaab40dd060a52542b7a85e891207
SHA256: 775627e4ad422cd447068b1d85bdacb2f12529649fd6300639fc8add726d503c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.16 KB (2213 bytes)
Hash Values MD5: 06ffea0cab3bdb2ce80e6bea74f3436f
SHA1: ffbe790b5e8aebc3e477ab85ebc37f66687bae75
SHA256: b57064c4c9835b199466e83d8123908a1df31302585b014ec07cf89354968633
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.21 KB (2267 bytes)
Hash Values MD5: ba392b3bb85e6b43c75dcdcb7b2457e2
SHA1: 6655e9b49051d8fa3121300597e4ede3a738f1be
SHA256: 223ab7ea0774185f0ee9028365bc2207677e63e216d27dfe328424b863ae5322
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.26 KB (2317 bytes)
Hash Values MD5: 6990e676ae0eeb2a80061300a2f39dd4
SHA1: b494d6c28109b3fd08ef5a46f5bff36976833f52
SHA256: 6f534913826f3d237a6c1620ff3cfa31a4c157cbd1ddfab5b7cb8852246f61a2
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.32 KB (2377 bytes)
Hash Values MD5: 64cf708e30cea784a1c8999d45a9a2c0
SHA1: 2b872906b91a204e858ac63bd760437050dd6dda
SHA256: 588da65eece7c2795fa3c0aff62e9e5cf2f23c405d8bc13c4453d8732f4b1f94
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.38 KB (2441 bytes)
Hash Values MD5: 052df55ccdeeb3e6232055d18085816d
SHA1: fbcb2c607cac6bd9e2b2883413e98883bb5c6998
SHA256: 93121b9914f4d1cf78b2483dae3f5effabac78d8de18770a2d285f98128473b6
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.44 KB (2494 bytes)
Hash Values MD5: ac5778ab1c530df7a656a1fa1e1f43fb
SHA1: 55aacf108f992aa9b6d41f789111e523e63ccf9e
SHA256: 831b9cc04aa94eab46723a8508ddfd389d1cd7c01ddc06b55450021e8c09ff33
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.50 KB (2558 bytes)
Hash Values MD5: e7562dbe3a0a7164a94dadd090d5d7f0
SHA1: 0cb4edda0487a85fa9325736bcd81d804cf12c39
SHA256: 264fd78c07cef6a2840363c825e56ddf6ebc4a0801334076686dd6e09b1478c7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.55 KB (2612 bytes)
Hash Values MD5: dda813ce3faa872347b1c3bda54c9e4b
SHA1: d667f3d11e17dbf752e48d46def0b153c99b4745
SHA256: ec8548ca43c34d48be3ab8b2e18efcc37d01411cda6fda678f33f26dbe38463a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.61 KB (2674 bytes)
Hash Values MD5: d2d8da7608a20fe5b799e02967dfda38
SHA1: 69154581c36bffeb31320e1f748ea0571aa882c5
SHA256: 3438d0124d4b02671f591962b33f496004d708cd9071ad6a52c5ee4501e6587a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.72 KB (2784 bytes)
Hash Values MD5: 15e42808039cc39fe3f9516a66031f5b
SHA1: 8d083844d2a7ea5c3a6ea7edb48d6f242ce1695e
SHA256: 1de3256477e0950daeacd14bec8800dbbb65cb580b81de3887104d5ca6f0bcf2
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.79 KB (2852 bytes)
Hash Values MD5: 95d4c0440af2c5ba6c69e5073bd1c06c
SHA1: 8dcc4b991101ef4a83285af9077b8af04d4eca97
SHA256: 37ce028ddb5b7e0f1af1126abb1917fe4b4099793ac79698f33b4c7e1453f23e
Actions
c:\users\5jghkoaofdp\documents\fw u\6esq8lzbvb5xjb1xlyrd.encrypted.odt
-
File Properties
Names c:\users\5jghkoaofdp\documents\fw u\6esq8lzbvb5xjb1xlyrd.encrypted.odt (Created File)
Size 99.83 KB (102224 bytes)
Hash Values MD5: d69ed40b6ef264201dd313d96d6951c1
SHA1: ee645d66a78ad34f30b9d90af86f50f213bcfa27
SHA256: 446c89e1a7c24649e12ec32e2c3da633bb94342f2d1e751be378bc9435ea87b6
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.91 KB (2984 bytes)
Hash Values MD5: a14867b6386d4c5ace4d1d3612758aa2
SHA1: 3a11db4873afdab5c1bf9c1d86260787012b4a15
SHA256: 4c799c12466454a1e84eabb182146ad7348c7592bffe35b5144f921c5a2a9faa
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 2.99 KB (3065 bytes)
Hash Values MD5: 0262f91220efdb1b4e5f42e8afc0b3fa
SHA1: 8127a068ce78519d95eb20a790a849d2f7b457ea
SHA256: fa5f45e7a149d4b247950addb7213e343216ea880aa04e5c3a99e38607da542b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.08 KB (3156 bytes)
Hash Values MD5: a61445a348b21ddc7929f9feb00f6ca4
SHA1: e060689e413c1db289f3794aaec9ea8cc8de3338
SHA256: a23d946bdbc25640129d0454391c54f268476b272e152480493d1decadfe330c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.17 KB (3241 bytes)
Hash Values MD5: 3483f91ec6733873056dc2bbaae2bdba
SHA1: 7ec439b4bfb42107ecc282ad08c7a47f0f4c28a0
SHA256: 702901313bc29d82fd1b03e6cfeb4efb58d41261633290bbbb4bd05a49c4b9d4
Actions
c:\users\5jghkoaofdp\documents\fw u\dqohpg0nf9r1mosxu\wkbfm0bgic5.encrypted.pps
-
File Properties
Names c:\users\5jghkoaofdp\documents\fw u\dqohpg0nf9r1mosxu\wkbfm0bgic5.encrypted.pps (Created File)
Size 45.80 KB (46896 bytes)
Hash Values MD5: 016becc51450c820dde6162f0ac08715
SHA1: 3c89849ac87f40f76cac4658dadba6f778632906
SHA256: c9351874bc42f12d279b4559b9a3ae1c996c20baa21473a8714151a4c9ac6b89
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.33 KB (3414 bytes)
Hash Values MD5: 028475f04cb4b0015ed159c5a3c52344
SHA1: 79e9c34300da936202274f039e8a89551bd439db
SHA256: d52f565d184c3e6b5f68496a46401d61d8e5a44168c1a34c6665fdbe4a6944ac
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.42 KB (3506 bytes)
Hash Values MD5: f04c979a6ca96f275c1983e189e49a71
SHA1: 2fff3c5e3de45e1fa93f0b45d7d2c689e79afcdd
SHA256: 3c7ed75d5fd52590a72d8b37772d8b38ed0f4e045efac4553243e788511897a5
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.51 KB (3593 bytes)
Hash Values MD5: c1deda669411954e7c0796cda7c44858
SHA1: e1480bc45f92d4f491c5e43905d728288d26b3a8
SHA256: 43f0cbc263712e206094ef6a330c12a109096e5bff04e2541cd13966ad0acec3
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.58 KB (3671 bytes)
Hash Values MD5: bbb45300aad036b1c2e4b8f87bb1cf50
SHA1: 4663146013d877beb2a1ef06323e6e08ebcfb3fc
SHA256: 6f17e9a2e04801aea643cba69b335ba7fa25e5ba1d3d3f9afdfcf57515dd344f
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.65 KB (3737 bytes)
Hash Values MD5: 812c642e17fe3dafda09bc3024e88e85
SHA1: 5ec7d7a043009514c243339f0b812d54a75112f2
SHA256: 097188412e2f545dbfaa42d9ae3a89ac8187959bb59fa70702994303216b7a7c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.71 KB (3802 bytes)
Hash Values MD5: 585e5a5cf38212222c56cb579b2c677f
SHA1: 97f5c81c5a4300421ee85ae5fe7a43b9306f1e03
SHA256: b1bf8f93d22152954aaadcdb985db13661e3cc5e156e9929e2d22cd35f441083
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.78 KB (3868 bytes)
Hash Values MD5: cc518181b54ca9c4593c8af23b337110
SHA1: 65fb9775a9c9c838031e3098b2a6b1fa7e229261
SHA256: ca26427b16d46fb8b3acaa7e35b77057d4f4935cfa7c62b7ac0b899c73daee11
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.85 KB (3942 bytes)
Hash Values MD5: b7e61e0ce67b2afbbad514aeeb2f16f5
SHA1: d8dc24a281b9892e8a266ed5d6836674bc7c8e7b
SHA256: e54d75426b10cd14d6ba4eb8b2dca6b63c3bb8b217a63a57de561de9485dcb00
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 3.91 KB (4007 bytes)
Hash Values MD5: c5505f146ae475fc8da0d80dc1979cc9
SHA1: e39d16553a0dc82da4c8b7bdcbf10714695beea7
SHA256: 80ecb21d65879b0d5176ec3c856031954f24d74c32345f73a74d4438ca78cfac
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.04 KB (4140 bytes)
Hash Values MD5: 04c652c8f73bd225b9a2f18c0053e496
SHA1: 41f6f78c05f7536e6d3626b9a5cad60802128004
SHA256: 0a81e80c28ed23d7dd99cfa514d91ad0549134c662577049c2c413adc6dc4b92
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.18 KB (4282 bytes)
Hash Values MD5: 7d4c8e3c527ea8613ff16f8c80626e0c
SHA1: 8d7d1d7171e13fb5d08baf6baf4f5b097f3e9fd8
SHA256: 391c8e38e18d9de18dc5883326314ae33333db3659916d087e4606b04a254446
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.25 KB (4356 bytes)
Hash Values MD5: 0e773de37700ef66797fe352cc0cb3c5
SHA1: a240abf258e7ef22fbdc0157974e93b1eb15d9ef
SHA256: 3fbe9030a164bd070bb9f1a50a18d66ca8f39d147dae1b3a8a2ef6f6197a05b7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.31 KB (4409 bytes)
Hash Values MD5: 94fcb798c6a5c39d87e14944f04d80bd
SHA1: df1b5c7b996e4c50837d120c326d008adac1572e
SHA256: 891ac0f45d77c76f7215e5ad11c6e65e1e89210e24c9b6b4c6f361e77c5fffb6
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.36 KB (4464 bytes)
Hash Values MD5: 4f60ff316054779deae30d8632f9864c
SHA1: 37c21bfecc4b9986c196d27975311172ec5d165b
SHA256: 832db58bd37a301ee9fca3c7469cc8489e3726398b8c109f883b8f0dd813660c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.42 KB (4523 bytes)
Hash Values MD5: 9265fe43dbfbb104f310a12618573cab
SHA1: 5c1a0918fa9ffce177896ada56a9c51551c794de
SHA256: e84d6dfaed2aaa3bd9c8520abc5ba9f72fe708caa3699094c6431cafb937ba0b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.49 KB (4595 bytes)
Hash Values MD5: e94a0783b90f068ef239fd198eab3bf5
SHA1: be4e8fa60da8e3c6ac6005ec21af2a737b37909c
SHA256: 6461bccde6ff08d84cf5038a03897c12c2c8deaa1872b642c29d9713182173fe
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.55 KB (4664 bytes)
Hash Values MD5: d263bb266796ca748022755394bfa214
SHA1: f156383d6296daf35d01a734db8f29f84a70d94b
SHA256: 9f777850ba1457382d4da233443ffee7a30aaf4bd993837c715a383edf92c5e9
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.62 KB (4735 bytes)
Hash Values MD5: 215f21c7c5acf9f76c985e86c0e7dcbc
SHA1: 80a40f36952e35124dfa1d4508bc6ccb6f8bb8cb
SHA256: 677c49fa7fbe267313d163c84c94dcc19a4a3d418762ed5434de4222dfc4422b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.70 KB (4812 bytes)
Hash Values MD5: 5c7257d85e76a786241ccaf4d6310638
SHA1: b5468be4d7286d297fdc85d511fc83aab1d704b3
SHA256: eea3eeb4250f20218704b73020ee16703e0718285e7b680da6aec24f011aac37
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.77 KB (4887 bytes)
Hash Values MD5: d9a672f6d8fe6553a256f5603bdd5bd1
SHA1: 770754397c4ea146feec332286eac09a6fe4c9f0
SHA256: 9046d45c51779957c70af827eca61a13f9b7414c62d22cac0dc79f92070e48cf
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.84 KB (4955 bytes)
Hash Values MD5: e93019f7be37412418d7e40fbfd308c7
SHA1: 20d81f76ef640a55942de696583ebfbba49c5c31
SHA256: 6f36808e492b059cf1f26786bd338d27911be2467c7852c10475d0c2ea94bc74
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 4.92 KB (5036 bytes)
Hash Values MD5: fc3fe5af8ac92ffe760fa33bffe9aae7
SHA1: 1e91a00aba0debe60a8231738185dba6e573c578
SHA256: a408a884e036408b73528052e049ae08bc43f5bc907aadaa6910e9175e014df9
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.00 KB (5116 bytes)
Hash Values MD5: 0f10ad8499833cfeacb11efcd21c98a3
SHA1: 0b00cce55439f2c3ab70cb8aebd6ad6aa13adad0
SHA256: 06d65e283e7e8572b50c21e05264e76dfb41a11c5f5ca97904aa5dc8d5cbbcd1
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.07 KB (5190 bytes)
Hash Values MD5: 7c1eaea8a453bac459114155c7a5b8e4
SHA1: 35f264e38a0e80de6c10e5741771e7eeb408389c
SHA256: 98ca45db883db0745b111ae423ad2b9beedaf87341244308cb71775b17c0db78
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.15 KB (5271 bytes)
Hash Values MD5: dec70630f7a97fb171d6f42ddd6f247c
SHA1: 8efde3d289d2100240b5424e2fc6ceb439af0f08
SHA256: 3c20e61684cb287dd62de88694eecb0d5dd67c0bc9915643893adec507fb2e54
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.22 KB (5348 bytes)
Hash Values MD5: 61eae17fc109442a1406448079bc049e
SHA1: a1351c4cc011331920307eac2f9c41147f87ce3d
SHA256: 57d0b25351529d92b1ed7547c24fe7878809406475a9e38aee109a56501b48ab
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.31 KB (5442 bytes)
Hash Values MD5: c5a36b47b9081e94530285a1de8e6c1a
SHA1: 553b1b6f1efcf0e5d5f21f98aa812d275ad59346
SHA256: 021498e596de897546a3f287262eb15e2a9c77880fddbf4729f4f31ed85e11b0
Actions
c:\users\5jghkoaofdp\documents\onenote notebooks\my notebook\quick notes.encrypted.one
-
File Properties
Names c:\users\5jghkoaofdp\documents\onenote notebooks\my notebook\quick notes.encrypted.one (Created File)
Size 353.55 KB (362032 bytes)
Hash Values MD5: 75c6ce6d9424b73aa80240b86b17a7cf
SHA1: 93cd2fc955c0c334cbde020746710f3f56991f30
SHA256: 85181b0f7419ffc6c68e72c1f4d045bd59373416ff48838a0ac19087abaa9c9c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.48 KB (5610 bytes)
Hash Values MD5: accda2952af8bc8b3a8c5e89169107a8
SHA1: f4ec3fcf00df5854a68f891d6a49bd40ad1ab966
SHA256: 585b346c2b84e1479764640cd68ef1827e7e11851682b21a48ce7f52dc5ed384
Actions
c:\users\5jghkoaofdp\documents\pldu.encrypted.docx
-
File Properties
Names c:\users\5jghkoaofdp\documents\pldu.encrypted.docx (Created File)
Size 19.27 KB (19728 bytes)
Hash Values MD5: ccdd9bf84db49be6ddecf43581b52990
SHA1: 7e49228b19486952f30c7e135d7464f05247f819
SHA256: 0b43a83baa0bb26b8f60a8d73f1d067e377ef81a19cd46dbce54a1fce8cb9c4b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.59 KB (5728 bytes)
Hash Values MD5: 3dc4ac216ba25f02ceda1bc88ffda217
SHA1: c557735e0c8e1f684e57c7880b4f09942ce1d66d
SHA256: 5f32fa5b04c3923ae261550e2c30da8b16db3e54104e48c11cb9013e48ac7b6a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.65 KB (5787 bytes)
Hash Values MD5: c0bb5d61b9eec918801e422f8ffb8513
SHA1: 14fed7dc68ddd6066a57473ab5511ca52d537bdc
SHA256: a03423ff05f929a761e09dcd31f59e948cdafa73cb89d24c28434c91ab16fd64
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.71 KB (5850 bytes)
Hash Values MD5: 14d260a6115598e241faac81034e1087
SHA1: 82cd81466fd4893066017663b57002e49909108e
SHA256: 6b304f32947b230860ef5179a780945b6ccc4aac270dc4e72712a8c7908a047a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.77 KB (5912 bytes)
Hash Values MD5: 065f621f348133743ad1249d337c972b
SHA1: 86e2d3df6d2c90cdda9e0998176ffeb0cf012615
SHA256: 30a4cf6ca0c447f5740d4afe14a1c46003ced874d823675b5f1387a0db7650c7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.82 KB (5964 bytes)
Hash Values MD5: 04a685fedd3ac655480393cb505f324f
SHA1: 7269f8b17ad4145196309456304e8b982b80cadb
SHA256: 8d10a9450a68b45697ec1903b8d8758743e1cea75219cb67fa89adf22a0b511a
Actions
c:\users\5jghkoaofdp\documents\zd9_fkulwlewhm.encrypted.xlsx
-
File Properties
Names c:\users\5jghkoaofdp\documents\zd9_fkulwlewhm.encrypted.xlsx (Created File)
Size 86.44 KB (88512 bytes)
Hash Values MD5: 5103ba382b3ff4928f0be25060ae01be
SHA1: c7f3d4c7670d35d579671ccfd78d4801fe5e0ae5
SHA256: 7f3b86e47b1d930a6ce211d85cb1f99e1e74dd8591f273948de04be20209b791
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 5.95 KB (6093 bytes)
Hash Values MD5: 8124b358fb97558d912d56e3f781a3d5
SHA1: ed8564253b825e85240c4b163320960a4d089d0f
SHA256: 710f8023176ba02e6cf50de936e1c8421df8389af85918f487145d2a6888bed7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.01 KB (6158 bytes)
Hash Values MD5: 0dde0bebbefba6f054ed2aaf86acd5da
SHA1: ff6e9226092a22f09d24639f943037c091af861a
SHA256: 26b02649e4c83ebe74097cc5ebc536a891c0c4eab7ab47ecec8c730f74f156be
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.07 KB (6216 bytes)
Hash Values MD5: 7c6f98304663c237935a6d8c918c6834
SHA1: e33ea4844b41eca9d91ca99f09c96da63169412d
SHA256: a1d8347c65f80208e6e33fc143ed68687e4e92de13e7e925597519dedb474bd9
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.12 KB (6266 bytes)
Hash Values MD5: bf6f677076f31be57c2bcbb25de51a4a
SHA1: 48984ea3f30f4fefffff3a40336055d5b1675249
SHA256: 690b5abc55f49e99dc479cce0489d79190ef5827ac912103a8d6d997dece1f44
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.17 KB (6322 bytes)
Hash Values MD5: 0f116efaa3322016bc41a511202e6738
SHA1: f5f8591d7aedbbf9dd854f71db05e7aafd472537
SHA256: a3bea9b51d75c83d7cb8b08f065e267d2e36ef8fd139bf54cf541fb683c36275
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.22 KB (6371 bytes)
Hash Values MD5: 69ab972dfa43be74c887a4d31ae42aa2
SHA1: 4eb54aed3dcb5cc9fbe0347e5e086c02659b3702
SHA256: 1deb08c806b9b46d8bb35c31455c3e83a2abcab30aede8ac039128de6b2a0676
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.27 KB (6420 bytes)
Hash Values MD5: 00cf613cbc4cfa51070a3a07f3472c7f
SHA1: 8b4993d3e518ca3d35a65cd18226320a10bfc1b4
SHA256: d43548d63fb98d2f961a48e484165e4ce5f5589e5fe7af30cb37c61841a83051
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.33 KB (6479 bytes)
Hash Values MD5: a765a9aad60f2e425b85797ec300bd0e
SHA1: 9d9ced668736a9dd5433be40bdd2c32b1d49ddd8
SHA256: 48e761919d6aadbb4f117ba3332b7d9d225f917d96b56e5da150b8abac89773f
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.38 KB (6532 bytes)
Hash Values MD5: aed6a6d2060741552f73b2a2c4a37c73
SHA1: 13b1b0d2b1a092cf8bec3f9b697b696cbe00b1da
SHA256: 70e8ff58284d32ca674ad31c9d0a30cafcb123751b134355ebbd9cb9bf243ad0
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.43 KB (6589 bytes)
Hash Values MD5: 5babe46533fc7df489ed04ffb5e9b2e6
SHA1: be03a86db5dbb9902c2d2da5abc0c4b2e5724daf
SHA256: 45dd1eed4a29a10fa020512a97b2ceb3f849e0294485f835b152ddb05dfa0f21
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.48 KB (6639 bytes)
Hash Values MD5: 6aec49444211fc7ae8f72befd5ab6ff5
SHA1: 395ec3dbb38c30ed22f05f6bfb80a3e1940d8b54
SHA256: 48131131aec0cf51e3f457aa39432239c460f4159f150d209ce9995437ca472f
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.54 KB (6701 bytes)
Hash Values MD5: 3d04b6b44539feb4e460d221a122fcc4
SHA1: febc01b0a6a9839136a189dd5c14c8f1624290cc
SHA256: caa1070e985eafb07053f9ad92eebc7c59cd95a86fb7c61204d1ca6db66ca600
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.59 KB (6752 bytes)
Hash Values MD5: e883732eececa6c9c29ac2de92e49d87
SHA1: 3badb883af7c8ca8f4fc5734df5ee623f7f56817
SHA256: 8fa612ce686862b73796e16609062d2ff4d923f056c02428126846ede98eee20
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.65 KB (6808 bytes)
Hash Values MD5: 6e266192cf4572df669f2d82224c0226
SHA1: c4314ced5b4dab7ff7be892ae99b06fd676d484b
SHA256: 0d5383b0d9c47113f366239d4c588ffa39f71efc7d1b74aecb99c25552366b93
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.72 KB (6878 bytes)
Hash Values MD5: e162c339ad1c7df6c47a05207b857310
SHA1: b556e7b8a52f070ad168b9dbe8ba164ee6c728b6
SHA256: 38797c57543b4ede62c2280a2c7414b783c2fdb4d2449647a657b1aaa00f53aa
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.85 KB (7018 bytes)
Hash Values MD5: c32de3d6eb9c9c30bbbedd123727cf66
SHA1: e6b50f8d68f37871fa27b3f53b2dab2252a35c5c
SHA256: 3f7b5fafc3753bcf4f95814c70a3a268b1e6db05696c53bc90e6f606b6a85597
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.93 KB (7092 bytes)
Hash Values MD5: 2dff1676264576eaaec72f40b1a2bd8e
SHA1: e98af0158e1b286537a9e2a8aa3250c3fa43bfae
SHA256: 7cb84bdd48ea594e31ce93c142ffc44b87be438ecbaf8e1d8a6ea3c74e81289e
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 6.99 KB (7161 bytes)
Hash Values MD5: e5499496950290732082924cc3e89e0b
SHA1: 14d2668ba81eb02e649a44142dbb2e57d77e8049
SHA256: 48157f9c3adf09ba84fe2d608ad7cf57f53d90e885d499c0db77ef0b5e27434e
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.07 KB (7237 bytes)
Hash Values MD5: b714bd5118f1657db2f5c5f746f9e94a
SHA1: 2a7b4d02fc526752a084b7c59839661048c8d188
SHA256: 97ba3238b20c310c32cff472ea174273a25cc69c0b8e79e52f678e09afc7ba8a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.13 KB (7302 bytes)
Hash Values MD5: 528d58e64f661cc7583f0ba76f139405
SHA1: 6c9c3c2a896a55388f42b5dc8d169ae7c005cfca
SHA256: 74ec6eefd60fee0b2769eda54735cdad265f45f29f110cb932363f02aaa53825
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.20 KB (7373 bytes)
Hash Values MD5: f439b21434f582414e2cb47e10a59bd0
SHA1: 4594b95571c82e8bcbf9a59489041c30262cffb4
SHA256: b8c293be36a6cfe96e60b4f530a5f47a94639bba1f9667a1847abf02896a56e3
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.27 KB (7449 bytes)
Hash Values MD5: ac7ecacc3fd29525463dfc45f3591e48
SHA1: a37bd7e561d38695390af422adc77cb737a8f4c6
SHA256: 778b1a52eeb517f43329e92b8cdd71f8aeccbad2a8afbf73d83ba3a3976a3615
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.35 KB (7522 bytes)
Hash Values MD5: ee65ad49aab0df6658d04f20dcdd6bbd
SHA1: 350b8715f05d1f20ac90c8a6c24600e8248348fe
SHA256: 02242c932ac0bf3b01afd14bd2c123141afe766a4225fda6be69e49c8737c027
Actions
c:\users\5jghkoaofdp\music\ygqpk-ymjwgakf7q\v5iko1.encrypted.mp3
-
File Properties
Names c:\users\5jghkoaofdp\music\ygqpk-ymjwgakf7q\v5iko1.encrypted.mp3 (Created File)
Size 41.95 KB (42960 bytes)
Hash Values MD5: 6b0977b640f54f2148b33ea9c686360e
SHA1: 04a0d9eb686a127bf5b91c02b0ff84b9f76f2345
SHA256: 1c361912ae72195495356177a335be9ac6cb93bd68206c05460a5d588f49c494
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.41 KB (7588 bytes)
Hash Values MD5: 821abe92ed994861173c7d68c20270cf
SHA1: 93adea30d9c7d12adf5495a7484b6cbb07af9a22
SHA256: 66b592120a010a711cbc0a5877d54118d276baab9a04d92b5d49e8ba2bd61384
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.48 KB (7662 bytes)
Hash Values MD5: 529215af9722162ea5ce3973fe73d23d
SHA1: 0369b110754089ffd03b05b16f55486197133492
SHA256: 0d88137711f9fb9a7c0a8b21fc5c8eeeac49ff9ba2f48057aca928153ce70615
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.55 KB (7728 bytes)
Hash Values MD5: 5b50ddf0f6523f46db23cc63de32dcec
SHA1: 30dd40d6b0d5074e4d0accf9e7ea6546b3405246
SHA256: 3d16b02869fbedbad98378b642f97a85f21f5d532e923af61c30cb2de478d324
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.62 KB (7803 bytes)
Hash Values MD5: 17b4e87a704607f2d3764533b3972c02
SHA1: 9dc9098e1f5cef88cab0f2e349bf3b575b9d546d
SHA256: fd354a89468a76659ba3ee06b6200af27adfaa5401f115fa3c427d97c74ab537
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.69 KB (7879 bytes)
Hash Values MD5: 35085a450f532dfaeb3592eaffb6cda4
SHA1: 6386a589de4dca0ab1d5f5e7dce1c6f4e8959beb
SHA256: f0c93e00cad050a0d6069c569234d40ff03ec36e06fdbd469e81f400049bf843
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.75 KB (7931 bytes)
Hash Values MD5: 66c5449b52b544dca1a81456b5599a55
SHA1: 372d4d1da857cce6d821904633227afae8f8c5e4
SHA256: 3355ad8cc7da1435034397c27745197d9aebd15bbac266d577db6e1a75136b6a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.81 KB (7993 bytes)
Hash Values MD5: b3e49183c20a7f007241d416b4370532
SHA1: f4fcebc77d43c34f3fc34878ed034242828c2cf3
SHA256: 5e3959d976451a81f71411584f148a3b9715cb045e04f27a9d539bd15da5bf6d
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.88 KB (8064 bytes)
Hash Values MD5: 05fb072022576bb2cf4b5d23c9c042a9
SHA1: 97a4500d80657f0e8f3b18fe457f55d21ebb7bf0
SHA256: 262e9a7cc9dd0a5f054551df21fa023ca6025fcd1aeae44b91acbe67611c3ba7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.93 KB (8121 bytes)
Hash Values MD5: a1a6203f94a7d08f88ef4f9c64b64751
SHA1: fb5b03564b9b49750b5efd8f4bda8866cd23b4b9
SHA256: fa8b006d3a28e44052d60db1ed4b78a27b44205b2fe4e690bd50c75db6d79d28
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 7.99 KB (8186 bytes)
Hash Values MD5: 23389d14ab710399982a7a816f5d7003
SHA1: 8d017865ba586ea326c0d582123af51c9ef04fb9
SHA256: 665e8cc70ac1cb5102e4cbfb0f6288b3fe803a9bef9261f41aa721b3e30e9c74
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.08 KB (8273 bytes)
Hash Values MD5: ae98c05b979dc0635700d8a5fd977572
SHA1: ebba90636f7aaab78c133d2af78530097e962ee3
SHA256: e0f1cbac9123edd167b675f14095dbae31761998721d78e1e467455c8db90562
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.16 KB (8357 bytes)
Hash Values MD5: 0fab42a4069156e095d89868a12c69fe
SHA1: 3fced465e2b1c1cad49cafe893d8b7c3233b5f53
SHA256: f1ab2a2b5a49c0597d8644a155344fae9c6a3b5a96220d3cfd0aa072b134c224
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.24 KB (8433 bytes)
Hash Values MD5: e036ca270459d7094798efd0c2e09f86
SHA1: c4600150007bedaf52f68681b86916e87d8ccdaf
SHA256: 0accb682708c62d9b2f78d23a15b977856ff2422595684348cbedff41c80ac39
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.33 KB (8525 bytes)
Hash Values MD5: 5ffd64e3c51bc8fa7978d04e98008963
SHA1: 717abca3e6e0d81d65550f606311a89a3b22f338
SHA256: 098053b24aa7f2bd2007632a689b1a63eacd3091733a829fa842be45d3c72a65
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.38 KB (8585 bytes)
Hash Values MD5: 6e305b868b3f2ad3e592b225db55655e
SHA1: 941dd518a563b00494ad8b7b0b7fa5839eb2f437
SHA256: b9d2903da59d11531831543f7f02bfa220e56a18736244a03602d37bd41195c0
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.45 KB (8656 bytes)
Hash Values MD5: fbabe33557484f00b6899782092a5337
SHA1: 772ce3d83b8946c480d643ead1b857da52cfa14e
SHA256: 39c98aefb97148ead47fdd2f275422b9db80efd0fedbad5ea8ae9e17dc52d6d9
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.53 KB (8730 bytes)
Hash Values MD5: 1d0f4c3cf7b5596e854459cd58928142
SHA1: 117e119e643af6b5f46b560f393b097b33c83779
SHA256: 013ce062e5a77af00da5490669f424e7d5d6d64a0576f73e1379781a5417862a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.60 KB (8806 bytes)
Hash Values MD5: 2663518d1848a516cf6dcb97a66cd87d
SHA1: 70a87311b97f5ab6fd3c6f2399044c0643377294
SHA256: 594454295a639854fd096d203469dd03a51e7edad07ade8e772e3a93ebdd1c97
Actions
c:\users\5jghkoaofdp\pictures\hz2w\ra1rifpb2\l6fx8sicimwq0qgomdx1.encrypted.png
-
File Properties
Names c:\users\5jghkoaofdp\pictures\hz2w\ra1rifpb2\l6fx8sicimwq0qgomdx1.encrypted.png (Created File)
Size 29.86 KB (30576 bytes)
Hash Values MD5: e851eb21c3987b1f349ddb9b857815d3
SHA1: 0183755599ab86295e6b2467968acc087fe25cb0
SHA256: 7915469719d6373559f2f7efe127f46950ccac1147ab91f2cd6711ed2fed14d0
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.68 KB (8887 bytes)
Hash Values MD5: cd31ec0082f8091222ef2c030a1dd669
SHA1: 05bf5c15f1ab075c0f80a489bbd3bb66f1016efe
SHA256: 4568e21200c8049960de9d8037a882ab45fabd61881fc778fd82bd4b684b88f5
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.74 KB (8953 bytes)
Hash Values MD5: 06972603e1aa72a1f67f38765134193c
SHA1: ae4a35610f1a018559138ed85f32acf647adc992
SHA256: 14afaf4417f69786f3ba0a0b7435282880ef828d93123e8bef9fbb2fdd8b3e38
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.83 KB (9040 bytes)
Hash Values MD5: 062db4741927111f06eb282e0594bee8
SHA1: f4606367d92afe73c00faee19aa6cd6db5e45634
SHA256: 25e97d570f19f996bde584ff2240596e9c13f93b30fe96fb400d4e8692287e6d
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.91 KB (9120 bytes)
Hash Values MD5: 313318bc7f428f5c50490d2718271b01
SHA1: abb5e4d47142a8413a5f597882d5ff288072f8ff
SHA256: f55af1f4c1ccda6c0a1172c82caa24083a5dc20fa928245e05435b292f9d811b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 8.98 KB (9200 bytes)
Hash Values MD5: 13db1f7ab084a1cbedeef20780e5eb26
SHA1: 4252d4d682fc6f137b0728927ce2a43c9005e34d
SHA256: 1c4516e1467f30557a892fd4e881787fc5e660ff37acbb6b59478527782295da
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.07 KB (9284 bytes)
Hash Values MD5: 9a058089af8fbb955a16523f2c73b3a7
SHA1: c3b358d9c041e839a7cdfbeb0911a250d599550f
SHA256: 8c2cdaa60e59ea68e3e9f3f8df61b540b0f3f46dc2d4756adc2e6fb0c80cea50
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.15 KB (9373 bytes)
Hash Values MD5: a85b2f6027ba2286ef20cfa5f18e5b3b
SHA1: bc307cdf7fb0d755332086ba8b2c28cf15d675ad
SHA256: a1ca68e8b77fa3e378309e50b7d0581fbe5f0a79fe8dae37a03ebdab75f21642
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.34 KB (9564 bytes)
Hash Values MD5: 66e2fcd7ae20fd8170a02d2ea947759e
SHA1: c3828ae94e7c18dcbfbc7dbbf0aff7fac6005b70
SHA256: 5931325c0b0055a441e8f19dc9f70ba562491eedfea7e01944ca9fc0d92e60fe
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.51 KB (9737 bytes)
Hash Values MD5: 62f20d3a790f34ae967b4efc86da75b4
SHA1: b7b77fb68686b7ece7d6ebe548cbfd927f111871
SHA256: 5a5d01bbaa6d5bc6bf11585832a33f033dc19010e2d2dd3978845d4d21287cbe
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.57 KB (9798 bytes)
Hash Values MD5: bbdb6bf5a04c6499133201eb51d01d15
SHA1: 28eea8e94852397036f8feb02268bc1c5bf8313a
SHA256: 77d86caaadf8e955810eb1c41de575e2cc854326a4ad2777caff3c720c31cb45
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.63 KB (9857 bytes)
Hash Values MD5: 7bd8cbfecabe16f788351292a8b498d3
SHA1: 9aa6c6ee11bbf77e858a6521e5d94c0c2105b4de
SHA256: 51dc8ebff41e86ff82b8380a46e2615a64e7bd3e1f4b6593908c094cf80ac078
Actions
c:\users\5jghkoaofdp\pictures\hz2w\uvzp9c0xe2unmuaj6.encrypted.gif
-
File Properties
Names c:\users\5jghkoaofdp\pictures\hz2w\uvzp9c0xe2unmuaj6.encrypted.gif (Created File)
Size 62.77 KB (64272 bytes)
Hash Values MD5: 50ecceade9fad61b570f2b31410cad9f
SHA1: f73a2f7fd2befe16461d400ae1f9cfeeb40d1ab9
SHA256: 04a4b6fb5a0a3be5267c923254c16e87c6342c0e4ae7cae92ff983f19cb29ccf
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.76 KB (9992 bytes)
Hash Values MD5: 86561143d24c769f5da6bac487de96f5
SHA1: 869cbd81a15a7718db63393fbc2ce7707752789a
SHA256: 5b085773c45ecf0476a4e2ba346ae988f4bb9b0ac901887bf1f0a926c5b37500
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.81 KB (10050 bytes)
Hash Values MD5: 125e7e370faea2d82256567d87ad83ca
SHA1: b2e8d54ba0ed9a229b07317def820a1fad102fbd
SHA256: 160741fa3ba7fd47609d525f152d6e18e8822713b2d994ea7811e4201f8d32f5
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.88 KB (10115 bytes)
Hash Values MD5: d6376b849a5dd31402bc61da53ff70d4
SHA1: 8e6db923aa75166f8bab98c8c4d0417ddb046d44
SHA256: ca24146bdc15868ac8c845d75ba74c8c39d2310f45f56ba249443c26ec375830
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.94 KB (10178 bytes)
Hash Values MD5: 383abb78bcce7916d51ba5bc9746b635
SHA1: d990903793b76870fff1c5456a34b611c490643c
SHA256: c999c4564b9af73b4ca71f49b251e910d1e3a78faf265ac06ca670586dc0cd6e
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 9.99 KB (10232 bytes)
Hash Values MD5: 605b83c7f9544dca8a16427f4d68a4f3
SHA1: f207d9d8ee21f4c17d4f65b012a3ecd5d2627a5d
SHA256: 2c1eb6c74f8dcd2e8cdd117bd32906a1a0ddb6c8043dc70516ec44e1b33ce794
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.06 KB (10297 bytes)
Hash Values MD5: 08fe23442e7b9dbddbd04d28a03ad514
SHA1: cc41053534d44c0824ea20cf98409b94af9d1c45
SHA256: 8a56a3d04eb76ebaa8df213bed2038e658b43f99016c0f7cf71d8d2068e36393
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.12 KB (10365 bytes)
Hash Values MD5: 247baaa79fd5a0e687bccecd197c5045
SHA1: 2e6ade7efd7f39d8104a96d928f4cbcd7bf08439
SHA256: 703a4a2ea26cb42fcf3a816838e6d94974de3ffd60ad5810e98542b8518d0b21
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.18 KB (10420 bytes)
Hash Values MD5: 35cc2d53ec9d5ed8d5fab7c26d956a2a
SHA1: 01b101ab4ec74c74d9d567837ad0d4ed77ef19d5
SHA256: 1510c32944889fe7e049d9d3b9bc28d39e5ba5b26e67de67d67088e4ff6417d6
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.24 KB (10481 bytes)
Hash Values MD5: eef304cda1e97b7519e8013f41389e28
SHA1: 2b31237696990a1ccd72865997616badadd0cf76
SHA256: e7d70e8746e80567900bce548f24364be6117e1101d33a069416e3624f0f4315
Actions
c:\users\5jghkoaofdp\videos\mmzl\pegwegazbvwtu3n0gz1z\4_fiu1ihmr5kifysz.encrypted.mkv
-
File Properties
Names c:\users\5jghkoaofdp\videos\mmzl\pegwegazbvwtu3n0gz1z\4_fiu1ihmr5kifysz.encrypted.mkv (Created File)
Size 13.70 KB (14032 bytes)
Hash Values MD5: 3b64c710563c0112cea1fc58433aed8c
SHA1: 28d90fbbbf35ba141352091a9eb4e3a1e7931980
SHA256: f82ab9e17352b9118db0aa37ee63c3e46f8ff28d08bbafa51b96121f882877b2
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.42 KB (10670 bytes)
Hash Values MD5: 743ec6e8ca03e0f65fa6c9b36a2a3fa9
SHA1: 1c8a9674e39e5218ea538d5f42d4f7b4f553f937
SHA256: ef0af7c4736a029cbe1b6413e5d813b4e8ea0bedc6141b7f4bdd08e37af3607b
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.52 KB (10775 bytes)
Hash Values MD5: 4b99fab8428b8837effca97514e64fd5
SHA1: fcf4a931b1af4e25df1117bccc32e1043ca61729
SHA256: 1530fa9ad498da053ccdfa86355d43dcbf6d0cb221d922215c8c7504baccaf35
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.62 KB (10879 bytes)
Hash Values MD5: 3d98ad64cbe4da1444b459c4ec605cb7
SHA1: 15f1210a505ac74f0eaa5a827c6708bb72d365f2
SHA256: 06a33380dc9b7433b0cfb1492ab6c40cf3ef2759d09ec2ec84e46850add4b5c7
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.72 KB (10977 bytes)
Hash Values MD5: 11149743e690c20d38515883a803b728
SHA1: 5e46c3c40862cbbabdd935c4590a3f3a4b0ee0bf
SHA256: 582ed28cb5e530572940a43f29940db8b98f35d3c5db9f932e757638ee9fe45a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 10.81 KB (11069 bytes)
Hash Values MD5: e1af75e25dc5a0546b08272e826396c9
SHA1: 63a02effd93a059ed740f72f7e917b38fc7d5f74
SHA256: 550624776f27a6ad3e4f0126f12f8ff3b0072aa978349dd2a6b2db2015b3cf7c
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 11.00 KB (11266 bytes)
Hash Values MD5: 0aba604b2c92a7a6e639cc36453f3bae
SHA1: 09ba74f0646405ac29679e0bfb3dcf1089d3eeea
SHA256: eb25f636f7c32d17ce3945ec7bf79bb50b7ff71567a429bb05791fdca0674b59
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 11.12 KB (11391 bytes)
Hash Values MD5: 355471f0b3d53b177c40c3c4dc043b97
SHA1: 28c25132fa508e8073aa34f3638ff2d4c57b53c7
SHA256: a29cc1e547ccb87e7df6d55d8b4dc1804951766dedc9da617a661583c1b0c3ef
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 11.24 KB (11514 bytes)
Hash Values MD5: 964a64698fb9058d4c4cc7e15bf4eebd
SHA1: 35e70175ad3cc625df4b09d1bd1ebbbb8c9e43f3
SHA256: 2c5a5de0543ce418e9261f8e1d40669bf9c711ec901973d91ad58a02199a600a
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 11.37 KB (11638 bytes)
Hash Values MD5: cb9f6ab7b30eaf63713b9f144fba5f92
SHA1: b9f6464b3261d41b8fad5a39f422899b7b5bc841
SHA256: 42854f6d2f498057c5900d219a5c5747edf0480224f3e5d3253908abcce85872
Actions
c:\progra~1\common~1\log.txt
-
File Properties
Names c:\progra~1\common~1\log.txt (Created File)
Size 11.49 KB (11762 bytes)
Hash Values MD5: 1774ac1c3f40ff5b7c80df6acfc4dada
SHA1: 3774e9e0eb5b659bd51813945c61d612d2d951c7
SHA256: 4bc3c90794d551de434a5a9478837679b446a95caeecd133a47e42e2e9411f6e
Actions
c:\$recycle.bin\s-1-5-21-3643094112-4209292109-138530109-1001\desktop.ini
-
File Properties
Names c:\$recycle.bin\s-1-5-21-3643094112-4209292109-138530109-1001\desktop.ini (Created File)
Size 0.06 KB (65 bytes)
Hash Values MD5: ad0b0b4416f06af436328a3c12dc491b
SHA1: 743c7ad130780de78ccbf75aa6f84298720ad3fa
SHA256: 23521de51ca1db2bc7b18e41de7693542235284667bf85f6c31902547a947416
Actions
c:\$recycle.bin\s-1-5-21-3643094112-4209292109-138530109-1001\desktop.ini
-
File Properties
Names c:\$recycle.bin\s-1-5-21-3643094112-4209292109-138530109-1001\desktop.ini (Created File)
Size 0.13 KB (129 bytes)
Hash Values MD5: a526b9e7c716b3489d8cc062fbce4005
SHA1: 2df502a944ff721241be20a9e449d2acd07e0312
SHA256: e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\inetcookies\mq6x6yzs.txt
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\inetcookies\mq6x6yzs.txt (Created File)
Size 0.11 KB (117 bytes)
Hash Values MD5: b66f6b08de0f150cb8941aeb2b84f9d9
SHA1: 4b44ad08470119cf62889821b9e95c612fe68aa2
SHA256: 07d71e09bbe4073839f882848e76ac431df4741ad318ef5c71846ee985bea63b
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\inetcache\ie\cay9e00x\tobtc[1].txt
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\inetcache\ie\cay9e00x\tobtc[1].txt (Created File)
Size 0.01 KB (10 bytes)
Hash Values MD5: e407af805476c1cc12fcbcb42a217a5f
SHA1: 36c2f577a120f1785fd74ef556c4851b029c63a7
SHA256: f959f76db4de29b9eb002f367e97a576481e1bc77274564bee0ce198849f73f3
Actions
c:\progra~1\common~1\1365363213
-
File Properties
Names c:\progra~1\common~1\1365363213 (Created File)
Size 0.03 KB (27 bytes)
Hash Values MD5: ed31cbe057cdf23178c1f2ba56935bb2
SHA1: d59dafa8efb71f884ba2d45e81b578840146ddca
SHA256: ca7c6bc32e528080123c9f9b5f789ea602e26191d9665e8c671498cc18e902dd
Actions
c:\windows\bootstat.dat
-
File Properties
Names c:\windows\bootstat.dat (Modified File)
Size 66.00 KB (67584 bytes)
Hash Values MD5: b8959e29064273570bb69efde038cf10
SHA1: eb782f7b3f987ac960519aec8e61f1aff7e463aa
SHA256: f245f44f692fdf45a438e8f3469750d9c8616eaa3edda057eab11b7a3c077901
Actions
c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
-
File Properties
Names c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat (Created File)
Size 2.00 KB (2048 bytes)
Hash Values MD5: e852394bf8e2b2b108a04ae0241333a3
SHA1: 85099b82839588ff6a90f5c855e5b283fba9ccb5
SHA256: 2e920a9d192ae4cbbe06d18399ec21c35622cdd03299b2bf846980887a294294
Actions
c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
-
File Properties
Names c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat (Created File)
Size 2.00 KB (2048 bytes)
Hash Values MD5: f4dc61e6413f82a64ef546863d643946
SHA1: 98700bb958c1c5d23bf1447befca073c8fa091c3
SHA256: a23f90323730ff71623b6e6d64edd1c7a922829cdabc1d5e89392b28fd1d5b85
Actions
c:\windows\tasks\sa.dat
-
File Properties
Names c:\windows\tasks\sa.dat (Modified File)
Size 0.01 KB (6 bytes)
Hash Values MD5: f1a6cd5adaab953a6764ea364e17bfb8
SHA1: c99a1eb2d8974a667d2e0bc2dc1efcbe0ef23387
SHA256: 12dc5ccd7fecafe070976a1916e9672e3d53085633c86957aee305ccc584184c
Actions
c:\windows\system32\logfiles\scm\c4ae3c3e-c327-4689-b6fd-c11fb31ae88b
-
File Properties
Names c:\windows\system32\logfiles\scm\c4ae3c3e-c327-4689-b6fd-c11fb31ae88b (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 5e4734c0c9960c28ae1242de2c0a7fc3
SHA1: 36e561596e58b08fb562c42c1cb4db81c845f98e
SHA256: d5c96f544c2c23b048ad236a5f1051d736d4ac0c296344e195da07f6214be760
Actions
c:\windows\system32\logfiles\scm\1effb9c8-b178-41d3-906d-d567219d1b46
-
File Properties
Names c:\windows\system32\logfiles\scm\1effb9c8-b178-41d3-906d-d567219d1b46 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: f71bbb3536837574097b93e69749ef24
SHA1: 19467f02f1a08b42b37252de33a97d2a4fab14bc
SHA256: 70e2079bce3541b77dce69bb84a6245ec8ef1e88f180ec6d803591eac93832a6
Actions
c:\windows\system32\logfiles\scm\cf26df67-c0c5-41d9-961f-2d6fa0abd4f4
-
File Properties
Names c:\windows\system32\logfiles\scm\cf26df67-c0c5-41d9-961f-2d6fa0abd4f4 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 64aef66c21fd5aaa6810f2930e19c439
SHA1: c204d94c8fe611a1b52b28d96744ab319afccf45
SHA256: 2422f6245b9ae60faaf64fc77b9b2246a887481d25922fc4cd55f9d61f37587e
Actions
c:\windows\system32\logfiles\scm\d00e7cb4-f82a-4a72-ab0f-7bb86dca6f2f
-
File Properties
Names c:\windows\system32\logfiles\scm\d00e7cb4-f82a-4a72-ab0f-7bb86dca6f2f (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: ca6ae34b2cbe7c975ab7d43f53740b7e
SHA1: e7de0c6fcebc7f86283e6b16080da41299b4d963
SHA256: 9d8777ea26006ce7018bcadd8598d8b33f4e173d01fdb0fc28f66f65d7fc3117
Actions
c:\windows\system32\logfiles\scm\e367590c-10f8-4401-b924-5839261dc94e
-
File Properties
Names c:\windows\system32\logfiles\scm\e367590c-10f8-4401-b924-5839261dc94e (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: ffc7ea22fe349acd66716f906c0e612f
SHA1: f81bb6a5c24494e0473f43af8ea321d4c5adf6c3
SHA256: cc379af534b336ae26ad1cde9484dd9bb5f58c22122919af2b0a227658f392c6
Actions
c:\windows\system32\logfiles\scm\6d60faa7-fe9e-4e2e-bdcd-a98bfb435a6c
-
File Properties
Names c:\windows\system32\logfiles\scm\6d60faa7-fe9e-4e2e-bdcd-a98bfb435a6c (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 52bf4afa450ae3590dbedfc198970387
SHA1: f1ab8d5aecb6c7f7c790514a44a1bdf98167656d
SHA256: 9630d522c9c24fd18b87c5296de87d335096d9bffc06520b72a651a313251c7d
Actions
c:\windows\system32\logfiles\scm\e68ae95e-036a-421e-8d50-853a8b2bd168
-
File Properties
Names c:\windows\system32\logfiles\scm\e68ae95e-036a-421e-8d50-853a8b2bd168 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: cf8490c2e0ad87163ebfe652e577c452
SHA1: 3b7a7cee2884cc3a78b6f968573b4eabfc418b39
SHA256: 29866a26460fd6fd901131afab18a1d1be87e6b5377bfe063f7cd48af4f9f83b
Actions
c:\windows\system32\logfiles\scm\e8cc75dc-a5f5-4267-bd93-8a3479d0a822
-
File Properties
Names c:\windows\system32\logfiles\scm\e8cc75dc-a5f5-4267-bd93-8a3479d0a822 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: f7c03fa50366a3b619235e6dcfe3b893
SHA1: 2becd5cd5ae0ed9df2623bbc5c53a8399955a5c5
SHA256: 28d1331a4d95ad914a331ee53679dd92aa853a6bca544e9a1d50891d7aad0620
Actions
c:\windows\system32\logfiles\scm\57e1ab59-8b1f-47d2-ad45-7f2a4f5cdf39
-
File Properties
Names c:\windows\system32\logfiles\scm\57e1ab59-8b1f-47d2-ad45-7f2a4f5cdf39 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 9af947b1e8bed99c7810f7af04de9e98
SHA1: ada50ab9228b43f5a55d461af32cdf827798adb4
SHA256: bf1a5c3f46be8656099fc96b4826e330bf7b6434b2d595eb87e0989293348e5c
Actions
c:\windows\serviceprofiles\networkservice\debug\netsetup.log
-
File Properties
Names c:\windows\serviceprofiles\networkservice\debug\netsetup.log (Modified File)
Size 6.52 KB (6679 bytes)
Hash Values MD5: b56494b65ff74403c70b0232209a339a
SHA1: e49b2411cf70fdd302386408c01388fa2b4a7776
SHA256: dd887387e4f1d338c77d470a7298e25a50cf61b7bfaa568ff127177fa7d2bd48
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk (Modified File)
Size 8.00 KB (8192 bytes)
Hash Values MD5: c0a329af1d60bbca9c6ffb8f9988b69d
SHA1: b4fe1874e25e65d2b8d2215dd914b6aaa91be8bd
SHA256: f0e6252a5236af00a7582b5d493b4cd4f66a5a958272c102153c96cf3d63b88f
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat (Modified File)
Size 10.00 MB (10485760 bytes)
Hash Values MD5: d2049c3b7537a50715fa7e75405d1bfa
SHA1: 79edf5448a26c0d9b9d76c023b7148b8d9e0c78f
SHA256: 541cd61bb0b01fd9433d50a118dd599f51bef6f97560a91d10783354bbdb444d
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat (Modified File)
Size 10.00 MB (10485760 bytes)
Hash Values MD5: 1709294fe850f9afc93b7b6c53c7b816
SHA1: f709d16279dda27c52342d3f21cfe55cd099db2a
SHA256: 8b65dd0ea29f9f5b676cc1181345a77748ea8fb00dd5e266fbae289db77d087d
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk (Modified File)
Size 8.00 KB (8192 bytes)
Hash Values MD5: a63b85fd24057ff78815e55e07e6b698
SHA1: 97df05fef3e4c1a42a25080cadc620b87787b4be
SHA256: ef5bbf814a6a488af7ba09635cf2bbe2928708d919fc0a23868f18f1e6f79ae3
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.log
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.log (Modified File)
Size 512.00 KB (524288 bytes)
Hash Values MD5: 7ec4d37de71cb33f097a1c7c2e233e2a
SHA1: aa400712f1c4e8d0b9238470280d0b9a9b78bf3b
SHA256: c41908de43677c9fbde7a28d0b5c77ef3312be5d377839057f556fa1b8f2d0b1
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\webcachev01.dat (Modified File)
Size 10.00 MB (10485760 bytes)
Hash Values MD5: c9d0d91d9e1a787076767a807593c791
SHA1: 011d7e469695f05d5dcdd05fac0dcfb0b7be4782
SHA256: edc39e96383825894017c77ee1f635dccd949739da9c161f8fdb8c6dc0ed2ec5
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_idx.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_idx.db (Modified File)
Size 101.12 KB (103544 bytes)
Hash Values MD5: 54d79fffc6b3a9509aa5024f2ffbf77f
SHA1: 8f9b2e2eaf99fb65feb908054787014b350d840f
SHA256: 994f3b877c5151e1a013f616350f2335c6b8fb6f2f9d4c7407753bfb7cb43349
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_48.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_48.db (Modified File)
Size 2.00 MB (2097152 bytes)
Hash Values MD5: 3d81cf78b2a26c893e013f3417b5ebeb
SHA1: d0ccf0338523c6a4b095f7f8b4bbb044b34b9e3f
SHA256: 44e71a6e699d76d5c844736e82f6ef94933167e257532a69cdd83aa559da552f
Actions
c:\windows\system32\logfiles\scm\e64595d9-e1af-4e09-8d36-1721fc82aee3
-
File Properties
Names c:\windows\system32\logfiles\scm\e64595d9-e1af-4e09-8d36-1721fc82aee3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: c0358051c5933b652d33576af828060c
SHA1: 0af8ebed5ff2484ec27390677176da47b92d6e04
SHA256: 42a902e6ec7233fabc5632ff7d41be34e6283ee34150dfa8e51e80b9031c0e3e
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db (Modified File)
Size 12.74 KB (13048 bytes)
Hash Values MD5: 45a156cdff525ee025a1f7c5d52e37f2
SHA1: f322a120d4a843a85a3f874bbb95dc4f77b0c8a3
SHA256: e90690e694e9c84cf67570b9da5c8f064c87937b0a7c1a6950da314ddf700899
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_48.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_48.db (Modified File)
Size 1.00 MB (1048576 bytes)
Hash Values MD5: 9cc553aef7714001c85bfe76b481048b
SHA1: d4541d5eeac27f618e26ed3c4918b07ae54c53df
SHA256: a092422e84aff032e86379ddf67706199069ecbfc12e836d0820495341ce0770
Actions
c:\users\5jghkoaofdp\desktop\k9uoo8fw7r.encrypted.jpg
-
File Properties
Names c:\users\5jghkoaofdp\desktop\k9uoo8fw7r.encrypted.jpg (Created File)
Size 91.89 KB (94096 bytes)
Hash Values MD5: a68bf9f8d438a33cbe510005f6e874dc
SHA1: a3c741303af0316b3571ba09551b156b195df33d
SHA256: 61269a23824a019c70e6d2bc511b3ca58b1b19e0901d9877b3b5cc23842b71db
Actions
c:\users\5jghkoaofdp\desktop\kqg5xtni4dupero o1m.encrypted.jpg
-
File Properties
Names c:\users\5jghkoaofdp\desktop\kqg5xtni4dupero o1m.encrypted.jpg (Created File)
Size 85.17 KB (87216 bytes)
Hash Values MD5: 760f09c85f27d0bc3898cea6ec12bfb2
SHA1: c1ba11bb7749491ae94893ec62ae5b2f9845cbac
SHA256: fce006e9807cd3825630e132f3e5c14c578b026c5ac7f2d3f4cca58f38b793b2
Actions
c:\users\5jghkoaofdp\desktop\ostre2ekexrlom6.encrypted.jpg
-
File Properties
Names c:\users\5jghkoaofdp\desktop\ostre2ekexrlom6.encrypted.jpg (Created File)
Size 12.44 KB (12736 bytes)
Hash Values MD5: 8712a2ba179c03a3d086989b13741f44
SHA1: d445747f84d42efd5b5e52a74bd8d64bfb4813f4
SHA256: ba434835eebcfdd209a6c28e47f29d11654df328d75fee34a5b8bb9a2e0dbfa5
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\caches\{3da71d5a-20cc-432f-a115-dfe92379e91f}.1.ver0x0000000000000030.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\caches\{3da71d5a-20cc-432f-a115-dfe92379e91f}.1.ver0x0000000000000030.db (Created File)
Size 130.03 KB (133152 bytes)
Hash Values MD5: ce6768e1270d3db4917683b342f2b5c4
SHA1: 4ae48fa0713dd79ec3e8243426b0693a6d3ec112
SHA256: 685478655604a329b90bf405f175b4eab8aca82670274b0187c80be41a5c427d
Actions
c:\users\5jghkoaofdp\desktop\4ghbrlq-jktwuq.encrypted.bmp
-
File Properties
Names c:\users\5jghkoaofdp\desktop\4ghbrlq-jktwuq.encrypted.bmp (Created File)
Size 53.39 KB (54672 bytes)
Hash Values MD5: 980fdc20d3574dcec166792ad5df9c37
SHA1: 382f94c8be36973f1b3b1ea0fa6dd9afb52e4fc2
SHA256: e49c2af279005228f4e6296948c9f19b1cca25b0bc09f6807170c87663d8eb9d
Actions
c:\users\5jghkoaofdp\desktop\b1drbf6bjih2t5r.encrypted.bmp
-
File Properties
Names c:\users\5jghkoaofdp\desktop\b1drbf6bjih2t5r.encrypted.bmp (Created File)
Size 36.88 KB (37760 bytes)
Hash Values MD5: 83fb70c75a3824acc0433299350e560d
SHA1: 355a97c3fdb3ea08794d93b0971f2cada20ec94c
SHA256: be1b6eb108483866a017b48a922e2e39cae4330d1ca002b2d188f466cb1f1508
Actions
c:\users\5jghkoaofdp\desktop\djg5lkzha.encrypted.bmp
-
File Properties
Names c:\users\5jghkoaofdp\desktop\djg5lkzha.encrypted.bmp (Created File)
Size 94.53 KB (96800 bytes)
Hash Values MD5: e6731e0cbaae9ee9555d8a0720bea8a8
SHA1: 4cb7fea782fe5a1e90e10857cb4a6ea62d0c3c51
SHA256: 2e71b395f3142cc8ac2277a8343b5103c00b2219eba017c147797353bf97b1c8
Actions
c:\users\5jghkoaofdp\desktop\frzbojgkva5c6myj.encrypted.mp4
-
File Properties
Names c:\users\5jghkoaofdp\desktop\frzbojgkva5c6myj.encrypted.mp4 (Created File)
Size 90.30 KB (92464 bytes)
Hash Values MD5: 10c1a84a32519315c52d7c62eb634392
SHA1: fd89dc77f465db303f24e0c6ebbcb51f9966be41
SHA256: d10a7d942c17af5f2d67abc15d0bdfbe74262dc63dd64a8939a03edbb827e9bf
Actions
c:\users\5jghkoaofdp\desktop\uk 6ek_ge.encrypted.png
-
File Properties
Names c:\users\5jghkoaofdp\desktop\uk 6ek_ge.encrypted.png (Created File)
Size 25.23 KB (25840 bytes)
Hash Values MD5: 39c24282dcc2cfdf1a16e0a9dcd353ed
SHA1: 7740212a7a6d04981889c3eaf3ea9d033cb32024
SHA256: 3793173ad68dd2c7672ddedefdd82972f8108f53696d3a9b72e57fbbcb04e6bb
Actions
c:\users\5jghkoaofdp\desktop\ur9w.encrypted.mp3
-
File Properties
Names c:\users\5jghkoaofdp\desktop\ur9w.encrypted.mp3 (Created File)
Size 60.31 KB (61760 bytes)
Hash Values MD5: 85059cccd2f0472cd50f45dfd1a7ea73
SHA1: 1c4328fb34d4c3777daea38904d0185df3e2d60a
SHA256: 48d2d6d30fa8534a5c172cd867fffb6646c1fa9731ab84cead010826ab1af132
Actions
c:\users\5jghkoaofdp\desktop\xe_1j.encrypted.avi
-
File Properties
Names c:\users\5jghkoaofdp\desktop\xe_1j.encrypted.avi (Created File)
Size 30.41 KB (31136 bytes)
Hash Values MD5: 0820b196964244383636e3e10ac13f73
SHA1: 3de767680bc25c995536ab7e3f86e77f99172f1e
SHA256: eb90f565bb5a91eef0f0ae385e55504966c29b28f5e022365cf740d22057a2af
Actions
c:\users\5jghkoaofdp\desktop\ypmyrw0yu.encrypted.mp3
-
File Properties
Names c:\users\5jghkoaofdp\desktop\ypmyrw0yu.encrypted.mp3 (Created File)
Size 79.75 KB (81664 bytes)
Hash Values MD5: 40ae53155c9e7aa00db5d28fc6195ad3
SHA1: 00709944738ba3518b1de353ed414cd2b5733c0d
SHA256: 26fc40822c979da7e22395d77c5874944ffa64c62c5285b025971dc5bcd235c5
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\webcache\v01.chk (Modified File)
Size 8.00 KB (8192 bytes)
Hash Values MD5: e02b40d4bd8e3c633a252441a18b2e7e
SHA1: 246fbc5482780f94e0bed0e97beb7d33fcaa0652
SHA256: f4069b141e8ca6330b9d5aabf5343dbc439daa72de942bcf09efe8d4c4908cfd
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db (Modified File)
Size 12.74 KB (13048 bytes)
Hash Values MD5: c8ee59a8ee59dc0c3d31da2f99f60583
SHA1: e196ea94b697b57a4fa2adcd4a2f84dc2a734941
SHA256: 64d1e5aa8ea78771f3fa1068daad15908e42f5b3f1fa5e20c4e63530e5b70912
Actions
c:\windows\system32\logfiles\scm\d00e7cb4-f82a-4a72-ab0f-7bb86dca6f2f
-
File Properties
Names c:\windows\system32\logfiles\scm\d00e7cb4-f82a-4a72-ab0f-7bb86dca6f2f (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 8f1e6ad6d0a94df3d72bb909ce62549b
SHA1: 0184ec3f2e7138cfc357f6d679fac92593bf1625
SHA256: 181dd19806e5066a683aae3ba8c4bdb5635fa808061c3cf04028fa9e00c6e95b
Actions
c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3
-
File Properties
Names c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 94a2a919380a8c77e922342d3a67fe3e
SHA1: 851548d2135cdf13f45d70866ffea47938f146ad
SHA256: 3d1e5923e6b0ca73d0b19f21410fa69e07f8f28443364261bb267abeaa7ee29c
Actions
c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3
-
File Properties
Names c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 1458b179cf4dd998f5a4da726a7a7d37
SHA1: 33345fdff0c903ed85410a1f3ab390a3670c951a
SHA256: 8aba2b1d68ec14f61f8353bebae4422df521330b43bfd94e80c053f3e82f3dd3
Actions
c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3
-
File Properties
Names c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 1d528ee9fdf7535ee0dbb74f12f4d0a2
SHA1: caaf3d2a972d66509dc2e0fc42602ba2bdafe14b
SHA256: 5445028623f9ee8952fec0c033ab175710f3e381d3b23134b339e1784d7283cf
Actions
c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3
-
File Properties
Names c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: ce7682704c05f4fcbc4a43eb44d2cc09
SHA1: 55ec04e852d72929427c0657b7abe43f0decddf5
SHA256: 73790bba0fe9e629765ebc7b8e805941470e65c136fcebe7c6d4ea8110f793b9
Actions
c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3
-
File Properties
Names c:\windows\system32\logfiles\scm\05293577-d647-4185-b859-c94839a0b2e3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: fc608f5bd33ad025a2cb9133ba7980a5
SHA1: 52384c3d2be69cb41eb3935e5d66d09d695d52d3
SHA256: 770f0e81e0c0180ba303a37ad8aa3535ca2369e0fbd662dc29f8e23fb7670ba6
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db (Modified File)
Size 2.00 MB (2097152 bytes)
Hash Values MD5: b972932791098649eb4427f1b4e4237f
SHA1: 11d95a6eb4c26d5ffd9ca95a7e8c2c4c20c69988
SHA256: 871ddb4035d0faf0dcecc02787a66373db10a728247f25bccbe165d1699a4afd
Actions
c:\windows\system32\logfiles\scm\c4ae3c3e-c327-4689-b6fd-c11fb31ae88b
-
File Properties
Names c:\windows\system32\logfiles\scm\c4ae3c3e-c327-4689-b6fd-c11fb31ae88b (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 215fa39705ac907c9f4088f48ebc16b9
SHA1: c713a2f13d258d35598c1edf62c960dc1e61502d
SHA256: 6462eadff61a9c6474f6cd2e93725fa6e0ffaba0cc3a65d2c2f28daf43889480
Actions
c:\windows\system32\logfiles\scm\6d60faa7-fe9e-4e2e-bdcd-a98bfb435a6c
-
File Properties
Names c:\windows\system32\logfiles\scm\6d60faa7-fe9e-4e2e-bdcd-a98bfb435a6c (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 9e95391b51861a6ce889952fd4dc8012
SHA1: f218d2e30764b0018b2fa8ead20f4aab132dda95
SHA256: 561de5faa42303a081c7405d3618173c7f9707f66ffa21b27521f594a4b24f42
Actions
c:\windows\system32\logfiles\scm\57e1ab59-8b1f-47d2-ad45-7f2a4f5cdf39
-
File Properties
Names c:\windows\system32\logfiles\scm\57e1ab59-8b1f-47d2-ad45-7f2a4f5cdf39 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 68fc9d959c856d3c3a05db0b1b64519f
SHA1: 7c6497978bd53c2f6cdedd22b091c426bcea450b
SHA256: 5a9cf2cba8570ea4bb519463e77c2e1463e16631e1f29a28efc32a1243ec37e1
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_idx.db (Modified File)
Size 12.74 KB (13048 bytes)
Hash Values MD5: 351ae137b43526340747bd188e7a5441
SHA1: 2117a217ec4320e1d5ff42f17d8c564f45d5d6b7
SHA256: a358ba63923f77b862710cfdfba5516517be582209e946f1bd9abe8297a6b2ac
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_256.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_256.db (Modified File)
Size 1.00 MB (1048576 bytes)
Hash Values MD5: 5d674eca10e83c08b1ec52c3ddc4b0aa
SHA1: 9c74ca6eab9ed7c3a5d65fe846638bb6d42e9220
SHA256: 5b4fb9353a82a5627fe66db1483d3656acf85f52bb3b1863413d79ec89232485
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_256.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\thumbcache_256.db (Modified File)
Size 1.00 MB (1048576 bytes)
Hash Values MD5: f5c03b9e9744b10ebc66c808c7f25be0
SHA1: efad873653b9ef23dda6ada58c5e845c43023dd9
SHA256: ec7b36f3621bf8035d5e5333faaa293b21cc6438e0646813fe46202f9abf4a14
Actions
c:\users\5jghkoaofdp\desktop\0-0nsqtjx3oqok.encrypted.docx
-
File Properties
Names c:\users\5jghkoaofdp\desktop\0-0nsqtjx3oqok.encrypted.docx (Created File)
Size 67.91 KB (69536 bytes)
Hash Values MD5: c73c9e08a23aab918b0022c37f3bbd03
SHA1: d98475693e54efa2a80879e01c9f572495d0a2b8
SHA256: fca4a8eae9c17d525c6d3a006f7e1d332ad2975a307c5487b2d42b55a259eaef
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db (Modified File)
Size 2.00 MB (2097152 bytes)
Hash Values MD5: 2b47d9507d24a0917aac281eabfc53a1
SHA1: d16abf42d18524082cb44958754d828f7c77203c
SHA256: 8fc2f37c92322317eabc6303c24ae9241594d73420c5df4c237338adb3e650d2
Actions
c:\users\5jghkoaofdp\desktop\cchnli nseui.encrypted.mp3
-
File Properties
Names c:\users\5jghkoaofdp\desktop\cchnli nseui.encrypted.mp3 (Created File)
Size 5.83 KB (5968 bytes)
Hash Values MD5: 640b1339f17aede2881af1ab059658d9
SHA1: 2de17d959a3827be3338bebeb537e38ad7ebe028
SHA256: 49ddba6f04e525494e892afae7beac4d467c046bd90b9214e1150234d00e1d9c
Actions
c:\users\5jghkoaofdp\desktop\k3ebs8.encrypted.docx
-
File Properties
Names c:\users\5jghkoaofdp\desktop\k3ebs8.encrypted.docx (Created File)
Size 19.75 KB (20224 bytes)
Hash Values MD5: 8646a831d8aa6b5cdb95285c310de920
SHA1: 25f3599cd5f77eb5da49b54d910539b485441d75
SHA256: 9b6abb86be95d8762d6459910e4d3e029008f71848102b0961f0d1993e410fb1
Actions
c:\windows\system32\logfiles\scm\e64595d9-e1af-4e09-8d36-1721fc82aee3
-
File Properties
Names c:\windows\system32\logfiles\scm\e64595d9-e1af-4e09-8d36-1721fc82aee3 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 0aa88ca5fd61b38499d62ea24c1b5979
SHA1: 0db37a7b1d0b3804ee7c22831127a292873f12d8
SHA256: 9f9554cae1295c7d4a30932c953f73bb92fb9a3e43ccd935fc22be3f3a67c461
Actions
c:\progra~1\common~1\3123635631
-
File Properties
Names c:\progra~1\common~1\3123635631 (Created File)
Size 0.00 KB (4 bytes)
Hash Values MD5: a54f0041a9e15b050f25c463f1db7449
SHA1: d9be6524a5f5047db5866813acf3277892a7a30a
SHA256: ad95131bc0b799c0b1af477fb14fcf26a6a9f76079e48bf090acb7e8367bfd0e
Actions
c:\windows\system32\logfiles\scm\e68ae95e-036a-421e-8d50-853a8b2bd168
-
File Properties
Names c:\windows\system32\logfiles\scm\e68ae95e-036a-421e-8d50-853a8b2bd168 (Modified File)
Size 0.03 KB (28 bytes)
Hash Values MD5: 93b5caeb2789daf0744e959277b3dc8a
SHA1: dd300ee487b8c12d4f4d14089932189da8f067d7
SHA256: 3a7e92d202f57deb08162ebd813f754f3a584d5ebbbbc801d7f3521e7cad2f20
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_32.db (Modified File)
Size 2.00 MB (2097152 bytes)
Hash Values MD5: 923e57e26f18c8029600d434236873b0
SHA1: 853ff150acd5d43464926252a202e3d80c80c982
SHA256: 269d94c9b3e7f18c144ef9a64362a45fdf26cbb9f3396318b5f2bef98573a7a6
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaph4da[3].jpg
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaph4da[3].jpg (Created File)
Size 56.41 KB (57767 bytes)
Hash Values MD5: 2efe4509bfa413143a3ea9d92b3f814d
SHA1: 0910f4778a1170098a4898f965f7d9407482c395
SHA256: 7b92ee513ca6154bfbda5c7ab445197c21dab6e7f12e04649bb009e7803b1165
Actions
c:\windows\prefetch\dllhost.exe-74cfcb84.pf
-
File Properties
Names c:\windows\prefetch\dllhost.exe-74cfcb84.pf (Modified File)
Size 54.31 KB (55614 bytes)
Hash Values MD5: d90316213a64a3da50bf111b361f9fb0
SHA1: c2ada64c247d8527ef84e1fa4353d207d3b3960b
SHA256: c2362d72a655835233a463e2965f0c65bae695d0999cda281b7999a850ca768b
Actions
c:\windows\prefetch\armsvc.exe-28c8c2ba.pf
-
File Properties
Names c:\windows\prefetch\armsvc.exe-28c8c2ba.pf (Modified File)
Size 15.96 KB (16340 bytes)
Hash Values MD5: ea67fb16c9b4544fd1daad988d6c2694
SHA1: a98e3d5ad48c459ac0e03ff165319f712f61439b
SHA256: 104dd3c5f47e3477f8fbe0651cbe06b19f07c2f0599e623232815950f71f7905
Actions
c:\windows\prefetch\taskhost.exe-9d9f554c.pf
-
File Properties
Names c:\windows\prefetch\taskhost.exe-9d9f554c.pf (Modified File)
Size 54.36 KB (55662 bytes)
Hash Values MD5: abab1244f0938fe2208d1007b1c909e0
SHA1: a1a6ba10da0980207d7eb2fc027aa24c04176a23
SHA256: 0d123d7dcbdc15146f4ad902b709a53f5a2542cbc28a16dc019dafd754b04f7e
Actions
c:\windows\prefetch\svchost.exe-135a30d8.pf
-
File Properties
Names c:\windows\prefetch\svchost.exe-135a30d8.pf (Modified File)
Size 17.83 KB (18258 bytes)
Hash Values MD5: 874d3440ab0f60c4f7015f15424a753c
SHA1: 929975884a2469e566303e6ed51cd0c42341078c
SHA256: 17dc862c8bbc69e5e1a7fd0a6b1201cdeeb854cefa952563eb406d47a5e67d39
Actions
c:\windows\prefetch\mobsync.exe-d8bc6ed2.pf
-
File Properties
Names c:\windows\prefetch\mobsync.exe-d8bc6ed2.pf (Modified File)
Size 27.24 KB (27896 bytes)
Hash Values MD5: 83a1b0045608c2fa712882b60659d0a6
SHA1: 18d88e87a453f36e1b7333900e4ce64fc0d8e10e
SHA256: 08d167753f96f6aff9e0d9412229fc5945f46a0af4674b66320431665e69f819
Actions
c:\windows\prefetch\audiodg.exe-d0d776ac.pf
-
File Properties
Names c:\windows\prefetch\audiodg.exe-d0d776ac.pf (Modified File)
Size 23.21 KB (23766 bytes)
Hash Values MD5: 82a5eb68412fd70c96c8666fd4443af0
SHA1: 4ba36856a84009095ccc546ef34c31e21f56bc5c
SHA256: 0a563ed339d911b2454c1b4912e0210f750935c2641e7de21a06361b09ae9e4f
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaphss5[1].jpg
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\notifications\3ef54ae93acb11e78251b4475e61765c\aaphss5[1].jpg (Created File)
Size 6.66 KB (6817 bytes)
Hash Values MD5: 7d44e6f65c3e2e657697136b8009c80e
SHA1: 84ab095f362939907deb2a955b29b77f6d8b1cb4
SHA256: dc310b4c8a65b1777aee8be67ef3cde8b984bf7d080b4516889a92d434f3258a
Actions
c:\windows\prefetch\thumbnailextractionhost.exe-64f19b6a.pf
-
File Properties
Names c:\windows\prefetch\thumbnailextractionhost.exe-64f19b6a.pf (Modified File)
Size 15.17 KB (15536 bytes)
Hash Values MD5: 00c23bca01024283dcbc755037a6403c
SHA1: d4277a6697a86009c05cf7b6301346029a40e2d6
SHA256: 8f1519391909568589313b38c64011166b22060529d1c9bae314dc3090b0e5ba
Actions
c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_48.db
-
File Properties
Names c:\users\5jghkoaofdp\appdata\local\microsoft\windows\explorer\iconcache_48.db (Modified File)
Size 2.00 MB (2097152 bytes)
Hash Values MD5: 9a490f77a6e3187645f2cc5e7b384cc3
SHA1: 9d424210c9e2edd89b37a76335e30c1cdea6ed49
SHA256: 41116ac92b85fd3600548520121e0ffac7dffddd12adc9a193d6dd3b675d1ca2
Actions
c:\windows\system32\catroot2\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\catdb
-
File Properties
Names c:\windows\system32\catroot2\{127d0a1d-4ef2-11d1-8608-00c04fc295ee}\catdb (Modified File)
Size 1.01 MB (1056768 bytes)
Hash Values MD5: d59f39f484420cbc27a8bc3aa6bd6471
SHA1: ebf69264f49ae84edc546969a4768a853aed7efd
SHA256: 2771585a4c94725ee59e233dcb7246c5368e2e811c8456349a2963b4300e86c7
Actions
c:\windows\system32\catroot2\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\catdb
-
File Properties
Names c:\windows\system32\catroot2\{f750e6c3-38ee-11d1-85e5-00c04fc295ee}\catdb (Modified File)
Size 10.00 MB (10485760 bytes)
Hash Values MD5: d0051cc0ae6cf2e2cb9793228bb99106
SHA1: 2415cc2bf98ea08f3b6a293cb256f25d6d17e572
SHA256: 82ac24ac82e7e2d73fe0a137091e3d8f63af88633b2e06311243ff72528dfa35
Actions
c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{cb4dd493-4d29-43d0-9097-3e1fdad4e75f}\snapshot.etl
-
File Properties
Names c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{cb4dd493-4d29-43d0-9097-3e1fdad4e75f}\snapshot.etl (Created File)
Size 160.00 KB (163840 bytes)
Hash Values MD5: fe543691f58c12331d822133069d8b5e
SHA1: f2d1bb972e21ae6341e1f0a8b03cc24965ce5609
SHA256: f88ede51a418e2e47264d6508453cb1993ebd117997494192fa74581c2d957e6
Actions
c:\windows\system32\wdi\shutdownperformancediagnostics_systemdata.bin
-
File Properties
Names c:\windows\system32\wdi\shutdownperformancediagnostics_systemdata.bin (Modified File)
Size 6.93 KB (7092 bytes)
Hash Values MD5: bf075a961d070dddae149b8a63b56ad0
SHA1: 5258dd739f93491a17cb71c03b14c9fd3904732b
SHA256: fce829cf38484f8ce20db60f9ebbd4428ad6004442bae02a2aa7a09b9a83821b
Actions
c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin
-
File Properties
Names c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin (Modified File)
Size 23.94 KB (24518 bytes)
Hash Values MD5: 7ee625a706a233e3965c408efbe73be9
SHA1: bd0894bef3cfc9bb8d22aede6e7e23bc840456cb
SHA256: 0db0a17192c8d72b51eb57400dda067c615511bb3708c1bbb060106459c69cab
Actions
c:\windows\system32\wdi\logfiles\startupinfo\s-1-5-21-3643094112-4209292109-138530109-1001_startupinfo1.xml
-
File Properties
Names c:\windows\system32\wdi\logfiles\startupinfo\s-1-5-21-3643094112-4209292109-138530109-1001_startupinfo1.xml (Created File)
Size 0.46 KB (474 bytes)
Hash Values MD5: dc52c77ba46b44655f97ba4ccf518971
SHA1: 12a505709171b0d96100a68d4175f143476bb857
SHA256: 838c76c30914d58626125ddd5d55d5daee8074abf3db3de2edd0f6f69dda659c
Actions
c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-3643094112-4209292109-138530109-1001_userdata.bin
-
File Properties
Names c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-3643094112-4209292109-138530109-1001_userdata.bin (Modified File)
Size 2.63 KB (2696 bytes)
Hash Values MD5: b99c38d695ad8ccc814a15950562b498
SHA1: aec5bafa6214371e770d8b6f0674309bb9dba426
SHA256: 92ebadfcd5f83fa16909986ed6e31348d7c3be0d05aa4c3d0570c8b7aa064119
Actions
c:\windows\bootstat.dat
-
File Properties
Names c:\windows\bootstat.dat (Modified File)
Size 66.00 KB (67584 bytes)
Hash Values MD5: 7decec08da5969ceed3bbe8b7ffe30cf
SHA1: 084e1f428df69d957963a63ed6df7d7970941d76
SHA256: c2503e26e6f2a4a195c61634e71c8c90a37a7fd55a12a72263e647e96724097d
Actions
c:\windows\system32\spp\store\2.0\data.dat.tmp, ...
-
File Properties
Names c:\windows\system32\spp\store\2.0\data.dat.tmp (Created File)
c:\windows\system32\spp\store\2.0\data.dat.bak (Created File)
c:\windows\system32\spp\store\2.0\data.dat (Created File)
Size 36.64 KB (37520 bytes)
Hash Values MD5: ec1abca3d8d1cf4cb5fe6cff5b19930c
SHA1: 88ae788f97ffe0a67b4665d931a459491a875297
SHA256: 047b76c8fc87787b5328077ccf0c68c3682be1d481376b46af55d7790c61c8cf
Actions
c:\windows\prefetch\sppsvc.exe-cbe91656.pf
-
File Properties
Names c:\windows\prefetch\sppsvc.exe-cbe91656.pf (Modified File)
Size 85.53 KB (87586 bytes)
Hash Values MD5: 2210eeab12728dec91b8c04384f08e3b
SHA1: ebce2cfdb9579ccc0c4b1a91c46525820c6e61c6
SHA256: 26bfda619988489f36efb65f07583b2d80ee5e3d19b8733c045498fe8fb395e8
Actions
c:\windows\system32\tasks\microsoft\windows\softwareprotectionplatform\svcrestarttask
-
File Properties
Names c:\windows\system32\tasks\microsoft\windows\softwareprotectionplatform\svcrestarttask (Modified File)
Size 4.57 KB (4680 bytes)
Hash Values MD5: f815f92ee7ab01bd044b9fedb76da871
SHA1: 5534e21e767988e75ab4ff7f6431682f53560253
SHA256: 7175f4a8ee223c9a92e155a5856ffedbfc3e8fa9b6901d242c566d660161fd2a
Actions
c:\windows\system32\spp\store\2.0\cache\cache.dat
-
File Properties
Names c:\windows\system32\spp\store\2.0\cache\cache.dat (Modified File)
Size 799.92 KB (819120 bytes)
Hash Values MD5: 0916790b7daa7c8607c2f69cdf9b4d3d
SHA1: b35a21d9340e1ea9f82815253f79ee8f0352e2da
SHA256: 3d7adb9d7884010b48ad04b51e31902faf5b5602b7216186031369b918fcd192
Actions
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image