d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874 (SHA256)
d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar
Java Archive
Created at 2018-02-24 20:28:00
Monitored Processes
Behavior Information - Sequential View
Process #1: java.exe
9761
9
| Information | Value |
|---|---|
| ID | #1 |
| File Name | c:\program files\java\jre7\bin\java.exe |
| Command Line | "C:\Program Files\Java\jre7\bin\java.exe" -jar "C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR" |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:00:32, Reason: Analysis Target |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:02:09 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xa14 |
| Parent PID | 0x60c (c:\windows\explorer.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
A18
0x
A2C
0x
A30
0x
A34
0x
A38
0x
A44
0x
A3C
0x
A40
0x
A4C
0x
A48
0x
A58
0x
AC4
0x
AC8
0x
ACC
0x
AD0
0x
B18
0x
B1C
0x
D0C
0x
D28
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00042fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x00187fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000190000 | 0x00190000 | 0x00190fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001a0000 | 0x001a0000 | 0x001a0fff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000001b0000 | 0x001b0000 | 0x001b0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000001c0000 | 0x001c0000 | 0x001c1fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000001d0000 | 0x001d0000 | 0x0021ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000220000 | 0x00220000 | 0x00320fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000330000 | 0x00330000 | 0x00336fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000340000 | 0x00340000 | 0x00341fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000350000 | 0x00350000 | 0x00350fff | Private Memory | Readable |
|
|
|
- |
| private_0x0000000000360000 | 0x00360000 | 0x00360fff | Private Memory | Readable, Writable |
|
|
|
- |
| 2580 | 0x00370000 | 0x0037ffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000380000 | 0x00380000 | 0x0038ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000390000 | 0x00390000 | 0x0039ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003a0000 | 0x003a0000 | 0x003affff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003c0000 | 0x003c0000 | 0x004bffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000004c0000 | 0x004c0000 | 0x010bffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000010c0000 | 0x010c0000 | 0x011bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000011c0000 | 0x011c0000 | 0x011effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001210000 | 0x01210000 | 0x0121ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001230000 | 0x01230000 | 0x0123ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001240000 | 0x01240000 | 0x0129ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000012a0000 | 0x012a0000 | 0x012effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000012f0000 | 0x012f0000 | 0x0136ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rsaenh.dll | 0x01370000 | 0x013abfff | Memory Mapped File | Readable |
|
|
|
- |
| java.exe | 0x013b0000 | 0x013defff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x00000000013e0000 | 0x013e0000 | 0x017d2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000017e0000 | 0x017e0000 | 0x018dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000018e0000 | 0x018e0000 | 0x038dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000038e0000 | 0x038e0000 | 0x0398ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000039d0000 | 0x039d0000 | 0x03a1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003a50000 | 0x03a50000 | 0x03a9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003ad0000 | 0x03ad0000 | 0x03b1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003b50000 | 0x03b50000 | 0x03b9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003ba0000 | 0x03ba0000 | 0x03beffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c00000 | 0x03c00000 | 0x03c4ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c50000 | 0x03c50000 | 0x03e02fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c70000 | 0x03c70000 | 0x03cbffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003cd0000 | 0x03cd0000 | 0x03d1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003d50000 | 0x03d50000 | 0x03d9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003da0000 | 0x03da0000 | 0x03f9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x03fa0000 | 0x0426efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000004270000 | 0x04270000 | 0x0442ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004270000 | 0x04270000 | 0x0435ffff | Private Memory | Readable, Writable |
|
|
|
- |
| kernelbase.dll.mui | 0x04270000 | 0x0432ffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000004350000 | 0x04350000 | 0x0435ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000043a0000 | 0x043a0000 | 0x043effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000043f0000 | 0x043f0000 | 0x0442ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004430000 | 0x04430000 | 0x0482ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004830000 | 0x04830000 | 0x0495ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004880000 | 0x04880000 | 0x048cffff | Private Memory | Readable, Writable |
|
|
|
- |
| rpcss.dll | 0x048d0000 | 0x0492bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000004950000 | 0x04950000 | 0x0495ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004960000 | 0x04960000 | 0x04abffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004960000 | 0x04960000 | 0x04a5ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004a80000 | 0x04a80000 | 0x04abffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004ac0000 | 0x04ac0000 | 0x052bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000052d0000 | 0x052d0000 | 0x0531ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000005320000 | 0x05320000 | 0x053dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000053f0000 | 0x053f0000 | 0x0543ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000005440000 | 0x05440000 | 0x0551efff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000023860000 | 0x23860000 | 0x28daffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000028db0000 | 0x28db0000 | 0x3385ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000033860000 | 0x33860000 | 0x3785ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x37860000 | 0x37c9ffff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000037ca0000 | 0x37ca0000 | 0x3825ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38260000 | 0x388affff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000388b0000 | 0x388b0000 | 0x38e5ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38e60000 | 0x390cffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000390d0000 | 0x390d0000 | 0x3925ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039260000 | 0x39260000 | 0x3926ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039270000 | 0x39270000 | 0x3965ffff | Private Memory | Readable, Writable |
|
|
|
- |
| awt.dll | 0x6cc60000 | 0x6cda2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| jvm.dll | 0x6cf60000 | 0x6d2dffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winmm.dll | 0x6eae0000 | 0x6eb11fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rasadhlp.dll | 0x6eb20000 | 0x6eb25fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sunmscapi.dll | 0x6f470000 | 0x6f478fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sunec.dll | 0x6f480000 | 0x6f49ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| net.dll | 0x6f4a0000 | 0x6f4b3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| zip.dll | 0x6f4c0000 | 0x6f4d2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nio.dll | 0x6f570000 | 0x6f57efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| java.dll | 0x6f580000 | 0x6f59ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcr100.dll | 0x6f5a0000 | 0x6f65efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| verify.dll | 0x71c10000 | 0x71c1bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wsock32.dll | 0x71ce0000 | 0x71ce6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fwpuclnt.dll | 0x73380000 | 0x733b7fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winnsi.dll | 0x734c0000 | 0x734c6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| iphlpapi.dll | 0x734d0000 | 0x734ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nlaapi.dll | 0x735e0000 | 0x735effff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winrnr.dll | 0x73c20000 | 0x73c27fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pnrpnsp.dll | 0x73c30000 | 0x73c41fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| napinsp.dll | 0x73c60000 | 0x73c6ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x74250000 | 0x743edfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshtcpip.dll | 0x74850000 | 0x74854fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| userenv.dll | 0x74920000 | 0x74936fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dnsapi.dll | 0x74bc0000 | 0x74c03fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wship6.dll | 0x74cf0000 | 0x74cf5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| mswsock.dll | 0x74d00000 | 0x74d3bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| profapi.dll | 0x75270000 | 0x7527afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| psapi.dll | 0x77260000 | 0x77264fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffae000 | 0x7ffae000 | 0x7ffaefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffaf000 | 0x7ffaf000 | 0x7ffaffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd3000 | 0x7ffd3000 | 0x7ffd3fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd5000 | 0x7ffd5000 | 0x7ffd5fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd6000 | 0x7ffd6000 | 0x7ffd6fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
|
For performance reasons, the remaining 14 entries are omitted.
The remaining entries can be found in flog.txt. |
||||||||
Created Files
| Filename | File Size | Hash Values | YARA Match | Actions |
|---|---|---|---|---|
| c:\users\eebsym5\appdata\local\temp\_0.86996859035608224741331762670039370.class | 0.00 KB |
MD5:
d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
|
|
| c:\users\eebsym5\appdata\local\temp\retrive6349682593628295348.vbs | 0.00 KB |
MD5:
d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
|
|
| c:\users\eebsym5\appdata\local\temp\retrive5365638019239783154.vbs | 0.00 KB |
MD5:
d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
|
|
| c:\users\eebsym5\appdata\local\temp\_0.86996859035608224741331762670039370.class | 241.30 KB |
MD5:
781fb531354d6f291f1ccab48da6d39f
SHA1: 9ce4518ebcb5be6d1f0b5477fa00c26860fe9a68 SHA256: 97d585b6aff62fb4e43e7e6a5f816dcd7a14be11a88b109a9ba9e8cd4c456eb9 |
|
|
| c:\users\eebsym5\appdata\local\temp\retrive6349682593628295348.vbs | 0.27 KB |
MD5:
3bdfd33017806b85949b6faa7d4b98e4
SHA1: f92844fee69ef98db6e68931adfaa9a0a0f8ce66 SHA256: 9da575dd2d5b7c1e9bab8b51a16cde457b3371c6dcdb0537356cf1497fa868f6 |
|
|
| c:\users\eebsym5\appdata\local\temp\retrive5365638019239783154.vbs | 0.27 KB |
MD5:
a32c109297ed1ca155598cd295c26611
SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 |
|
|
| c:\users\eebsym5\pkcvbksqerl\id.txt | 0.05 KB |
MD5:
df2c86399cc6351ba9d77881c87f201f
SHA1: bd38681542cb4f76b94507343159cca6e5c89497 SHA256: 08af25f22935ea54454d956d921ac38725db45a49a8e615b59ea17eeac5a89d1 |
|
|
| c:\users\eebsym5\pkcvbksqerl\zpebztplufw.bnnkgj | 542.74 KB |
MD5:
e891e59a10a74f7544fbeffe20d46d49
SHA1: e9ba832a241996225f6a30f9f60b52ba91ca342c SHA256: d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874 |
|
|
Threads
Thread 0xa2c
5930
9
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6cf60000 |
|
1 | |
| Module | Get Address | module_name = c:\program files\java\jre7\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x6d04d980 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x76f0be77 |
|
1 | |
| System | Get Info | type = Hardware Information |
|
2 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\EEBsYm5\Desktop, type = REG_SZ |
|
1 | |
| Module | Get Handle | module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6cf60000 |
|
1 | |
| Module | Get Filename | module_name = c:\program files\java\jre7\bin\client\jvm.dll, process_name = c:\program files\java\jre7\bin\java.exe, file_name_orig = C:\Program Files\Java\jre7\bin\client\jvm.dll, size = 260 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1781193, size_out = 1781193 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 709, size_out = 709 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 277, size_out = 277 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2305, size_out = 2305 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1022, size_out = 1022 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2882, size_out = 2882 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 104, size_out = 104 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 728, size_out = 728 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 345, size_out = 345 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000, flags = GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x76f04e2a |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 815, size_out = 815 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\zip.dll, type = file_attributes |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1105, size_out = 1105 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1761, size_out = 1761 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 514, size_out = 514 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 970, size_out = 970 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2589, size_out = 2589 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1008, size_out = 1008 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2004, size_out = 2004 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 669, size_out = 669 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 829 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = size, size_out = 829 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 962, size_out = 962 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 934, size_out = 934 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1720, size_out = 1720 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1012, size_out = 1012 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3028, size_out = 3028 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2976, size_out = 2976 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 672, size_out = 672 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1189, size_out = 1189 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2646, size_out = 2646 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 0 |
|
1 | |
| File | Get Info | filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 966, size_out = 966 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 800, size_out = 800 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1280, size_out = 1280 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 609, size_out = 609 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 628, size_out = 628 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 328, size_out = 328 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 327, size_out = 327 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
3 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\management\usagetracker.properties, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12212, size_out = 12212 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 748, size_out = 748 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6630, size_out = 6630 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3392, size_out = 3392 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, type = time |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 13079, size_out = 13079 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 476, size_out = 476 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2703, size_out = 2703 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 753, size_out = 753 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3690, size_out = 3690 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3361, size_out = 3361 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3599, size_out = 3599 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 260, size_out = 260 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1899, size_out = 1899 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 678, size_out = 678 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\D01AA4~1.JAR, size = 173, size_out = 173 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1909, size_out = 1909 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 670, size_out = 670 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 762, size_out = 762 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1016, size_out = 1016 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 921, size_out = 921 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = time |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 13079, size_out = 13079 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 173, size_out = 173 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 173, size_out = 173 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 269, size_out = 269 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 480, size_out = 480 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 645, size_out = 645 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 573, size_out = 573 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 535, size_out = 535 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 546, size_out = 546 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5358, size_out = 5358 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2540, size_out = 2540 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 486, size_out = 486 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 703, size_out = 703 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 740, size_out = 740 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 802, size_out = 802 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1127, size_out = 1127 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib, type = file_attributes |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 2190 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = size, size_out = 2190 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 0 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\meta-index, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
3 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
2 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
2 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\resources.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\resources.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 33985, size_out = 33985 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 160, size_out = 160 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\resources.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = time |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\resources.jar, size = 92, size_out = 92 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1663, size_out = 1663 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1453, size_out = 1453 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3061, size_out = 3061 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 716, size_out = 716 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 214, size_out = 214 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 545, size_out = 545 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 718, size_out = 718 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 10050, size_out = 10050 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 647, size_out = 647 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 270, size_out = 270 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2524, size_out = 2524 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1399, size_out = 1399 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2750, size_out = 2750 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6082, size_out = 6082 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 34919, size_out = 34919 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 959, size_out = 959 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 737, size_out = 737 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 62696, size_out = 62696 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4963, size_out = 4963 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 585, size_out = 585 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1385, size_out = 1385 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 294, size_out = 294 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 33801, size_out = 33801 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 154, size_out = 154 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 348, size_out = 348 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1695, size_out = 1695 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1902, size_out = 1902 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 302, size_out = 302 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 45824, size_out = 45824 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1188, size_out = 1188 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3195, size_out = 3195 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3099, size_out = 3099 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 851, size_out = 851 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1462, size_out = 1462 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3589, size_out = 3589 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 402, size_out = 402 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1366, size_out = 1366 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 151, size_out = 151 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2327, size_out = 2327 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2682, size_out = 2682 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3211, size_out = 3211 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6372, size_out = 6372 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8606, size_out = 8606 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 360, size_out = 360 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4102, size_out = 4102 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2132, size_out = 2132 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12227, size_out = 12227 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1230, size_out = 1230 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4933, size_out = 4933 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4365, size_out = 4365 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 890, size_out = 890 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12321, size_out = 12321 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5865, size_out = 5865 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11499, size_out = 11499 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 330, size_out = 330 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 27736, size_out = 27736 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12797, size_out = 12797 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2945, size_out = 2945 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4616, size_out = 4616 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 21515, size_out = 21515 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1396, size_out = 1396 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 582, size_out = 582 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = DisableAutoDaylightTimeSet, data = 52, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = DynamicDaylightTimeDisabled, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = TimeZoneKeyName, data = Greenland Standard Time, type = REG_SZ |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\tzmappings, file_attributes = _O_RDONLY |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2709, size_out = 2709 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2124, size_out = 2124 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 718, size_out = 718 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 284, size_out = 284 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 14716, size_out = 14716 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2111, size_out = 2111 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8292, size_out = 8292 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6007, size_out = 6007 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1012, size_out = 1012 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2905, size_out = 2905 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 937, size_out = 937 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 585, size_out = 585 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1544, size_out = 1544 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12572, size_out = 12572 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1904, size_out = 1904 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2008, size_out = 2008 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 783, size_out = 783 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 832, size_out = 832 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 76, size_out = 76 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 76, size_out = 76 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6363, size_out = 6363 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 9943, size_out = 9943 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 596, size_out = 596 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes |
|
1 | |
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\nio.dll, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 612, size_out = 612 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 544, size_out = 544 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 697, size_out = 697 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 604, size_out = 604 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 591, size_out = 591 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 452, size_out = 452 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 586, size_out = 586 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 525, size_out = 525 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000, flags = GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FindFirstStreamW, address_out = 0x76f2c8fa |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FindNextStreamW, address_out = 0x76f2c838 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CreateSymbolicLinkW, address_out = 0x76f59aa9 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x76f04e2a |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1974, size_out = 1974 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1159, size_out = 1159 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 426, size_out = 426 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7100, size_out = 7100 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 229, size_out = 229 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 366, size_out = 366 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1120, size_out = 1120 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\zi\America\Godthab, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\zi\America\Godthab, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\zi\America\Godthab, size = 1036, size_out = 1036 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3241, size_out = 3241 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 784, size_out = 784 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1886, size_out = 1886 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2962, size_out = 2962 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 632, size_out = 632 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5472, size_out = 5472 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\currency.data, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\currency.data, size = 8192, size_out = 4200 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\currency.properties, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 10775, size_out = 10775 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6736, size_out = 6736 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11754, size_out = 11754 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4772, size_out = 4772 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3581, size_out = 3581 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5154, size_out = 5154 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6596, size_out = 6596 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6452, size_out = 6452 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 483, size_out = 483 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 375, size_out = 375 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 549, size_out = 549 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 598, size_out = 598 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3389, size_out = 3389 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2486, size_out = 2486 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8998, size_out = 8998 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4936, size_out = 4936 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2439, size_out = 2439 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2652, size_out = 2652 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 213, size_out = 213 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 550, size_out = 550 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 164, size_out = 164 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 186, size_out = 186 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 551, size_out = 551 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 613, size_out = 613 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7508, size_out = 7508 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 135, size_out = 135 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4419, size_out = 4419 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1640, size_out = 1640 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 337, size_out = 337 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 54044, size_out = 54044 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 243, size_out = 243 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 15023, size_out = 15023 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3685, size_out = 3685 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2898, size_out = 2898 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6136, size_out = 6136 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5326, size_out = 5326 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2173, size_out = 2173 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6819, size_out = 6819 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11034, size_out = 11034 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2040, size_out = 2040 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1920, size_out = 1920 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6611, size_out = 6611 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1102, size_out = 1102 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2218, size_out = 2218 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1308, size_out = 1308 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 544, size_out = 544 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2347, size_out = 2347 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1558, size_out = 1558 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7623, size_out = 7623 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2853, size_out = 2853 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1485, size_out = 1485 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 755, size_out = 755 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 177, size_out = 177 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1737, size_out = 1737 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1663, size_out = 1663 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2251, size_out = 2251 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2801, size_out = 2801 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1075, size_out = 1075 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2301, size_out = 2301 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2770, size_out = 2770 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1827, size_out = 1827 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1966, size_out = 1966 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 37681, size_out = 37681 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7436, size_out = 7436 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1360, size_out = 1360 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2073, size_out = 2073 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 556, size_out = 556 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 935, size_out = 935 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1023, size_out = 1023 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2191, size_out = 2191 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 15959, size_out = 15959 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8600, size_out = 8600 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2894, size_out = 2894 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 603, size_out = 603 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1434, size_out = 1434 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5734, size_out = 5734 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 225, size_out = 225 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2331, size_out = 2331 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2678, size_out = 2678 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1894, size_out = 1894 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 747, size_out = 747 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4614, size_out = 4614 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4458, size_out = 4458 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1618, size_out = 1618 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8409, size_out = 8409 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 13671, size_out = 13671 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 17304, size_out = 17304 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1740, size_out = 1740 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1045, size_out = 1045 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7937, size_out = 7937 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 521, size_out = 521 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3081, size_out = 3081 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1020, size_out = 1020 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 690, size_out = 690 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 426, size_out = 426 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 427, size_out = 427 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 463, size_out = 463 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 394, size_out = 394 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 615, size_out = 615 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 262, size_out = 262 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 648, size_out = 648 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = time |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 212, size_out = 212 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 214, size_out = 214 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 238, size_out = 238 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 6643, size_out = 6643 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 700, size_out = 700 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1882, size_out = 1882 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4857, size_out = 4857 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2084, size_out = 2084 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3002, size_out = 3002 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 886, size_out = 886 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
|
For performance reasons, the remaining 4127 entries are omitted.
The remaining entries can be found in glog.xml. |
|||||
Thread 0xacc
35
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Load | module_name = COMCTL32.dll, base_address = 0x74250000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x742709ce |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x769cf142 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x769ced4a |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x769d544c |
|
1 | |
| Module | Load | module_name = GDI32.dll, base_address = 0x76970000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x76976f7f |
|
2 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x769d5421 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x769cec7c |
|
1 | |
| Window | Create | window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x769d507d |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x769ce30c |
|
1 | |
| System | Register Hook | type = WH_GETMESSAGE, hookproc_address = 0x6ccf1da0 |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x76d8efd7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 569, size_out = 569 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 333, size_out = 333 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = WaitMessage, address_out = 0x769d66bd |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x769d634a |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x769cb712 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x769d447b |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x769cabe1 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x769cb308 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x76d8eba1 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x769dcde8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x769d53ba |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x769cb2f4 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = UnregisterClassW, address_out = 0x769cb9ae |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = UnhookWindowsHookEx, address_out = 0x769cadf9 |
|
1 |
Thread 0xad0
3795
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 418, size_out = 418 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, size = 3, size_out = 3 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
11 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 448, size_out = 448 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 402, size_out = 402 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1217, size_out = 1217 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4051, size_out = 4051 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
2 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, size = 276 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, os_pid = 0xae8, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | size = 8192, size_out = 108 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | size = 8192, size_out = 0 |
|
1 | |
| Process | Terminate | exit_code = 1 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, type = file_attributes |
|
1 | |
| File | Delete | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 281 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, os_pid = 0xb7c, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | size = 8192, size_out = 108 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | size = 8192, size_out = 0 |
|
1 | |
| Process | Terminate | exit_code = 1 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_attributes |
|
1 | |
| File | Delete | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop\d01aa424c91a43c1f87e45da12437d7b4f52b0fa756799ec273bc1f942677874.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = xcopy "C:\Program Files\Java\jre7" "C:\Users\EEBsYm5\AppData\Roaming\Oracle\" /e, os_pid = 0xbfc, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 38 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 36 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 39 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 36 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 63 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 56 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 49 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 49 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 56 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 57 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 59 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 57 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 57 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 58 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 40 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 42 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 41 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 39 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 49 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 43 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 44 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 59 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 52 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 66 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 54 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 56 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 50 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 46 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 63 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 61 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 62 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 61 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 60 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 63 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 66 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 45 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 66 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 64 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 71 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 73 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 71 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 73 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 71 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 73 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 48 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 60 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 71 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 65 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 61 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 51 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 49 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 8192, size_out = 53 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
|
For performance reasons, the remaining 2779 entries are omitted.
The remaining entries can be found in glog.xml. |
|||||
Thread 0xd0c
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x769d5539 |
|
1 |
Process #2: java.exe
3281
38
| Information | Value |
|---|---|
| ID | #2 |
| File Name | c:\program files\java\jre7\bin\java.exe |
| Command Line | "C:\Program Files\Java\jre7\bin\java.exe" -jar C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:05, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:36 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xa9c |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
AA0
0x
AB4
0x
AB8
0x
ABC
0x
AC0
0x
ADC
0x
AD4
0x
AD8
0x
AE4
0x
AE0
0x
B10
0x
B34
0x
B38
0x
B3C
0x
B40
0x
C4C
0x
C50
0x
C58
0x
C5C
0x
CDC
0x
D6C
0x
D90
0x
DA8
0x
DB0
0x
DB4
0x
DB8
0x
DBC
0x
DC0
0x
DC4
0x
DC8
0x
E18
0x
E24
0x
E28
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00042fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000050000 | 0x00050000 | 0x00050fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000060000 | 0x00060000 | 0x00060fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000070000 | 0x00070000 | 0x000bffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000d0000 | 0x000d0000 | 0x000d1fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000e0000 | 0x000e0000 | 0x000e6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x001effff | Private Memory | Readable, Writable |
|
|
|
- |
| locale.nls | 0x001f0000 | 0x00256fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000260000 | 0x00260000 | 0x00327fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000330000 | 0x00330000 | 0x00331fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000340000 | 0x00340000 | 0x00340fff | Private Memory | Readable |
|
|
|
- |
| private_0x0000000000350000 | 0x00350000 | 0x00350fff | Private Memory | Readable, Writable |
|
|
|
- |
| 2716 | 0x00360000 | 0x0036ffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000370000 | 0x00370000 | 0x003cffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003d0000 | 0x003d0000 | 0x003dffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000003e0000 | 0x003e0000 | 0x004e0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000004f0000 | 0x004f0000 | 0x010effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000010f0000 | 0x010f0000 | 0x0116ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001170000 | 0x01170000 | 0x0119ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000011a0000 | 0x011a0000 | 0x011affff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000011b0000 | 0x011b0000 | 0x011bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000011c0000 | 0x011c0000 | 0x012bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000012c0000 | 0x012c0000 | 0x0136ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001370000 | 0x01370000 | 0x0137ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001380000 | 0x01380000 | 0x01380fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| java.exe | 0x013b0000 | 0x013defff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x00000000013e0000 | 0x013e0000 | 0x017d2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000017e0000 | 0x017e0000 | 0x0182ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001840000 | 0x01840000 | 0x0188ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001890000 | 0x01890000 | 0x0198ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001990000 | 0x01990000 | 0x0199ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000019a0000 | 0x019a0000 | 0x0399ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000039c0000 | 0x039c0000 | 0x03a0ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rsaenh.dll | 0x03a10000 | 0x03a4bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000003a50000 | 0x03a50000 | 0x03a9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003aa0000 | 0x03aa0000 | 0x03b3ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003aa0000 | 0x03aa0000 | 0x03b0ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003b30000 | 0x03b30000 | 0x03b3ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003b60000 | 0x03b60000 | 0x03baffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003bb0000 | 0x03bb0000 | 0x03d62fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003bf0000 | 0x03bf0000 | 0x03c3ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c80000 | 0x03c80000 | 0x03ccffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003cd0000 | 0x03cd0000 | 0x03d1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003d30000 | 0x03d30000 | 0x03d7ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003d80000 | 0x03d80000 | 0x03f7ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x03f80000 | 0x0424efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000004250000 | 0x04250000 | 0x043bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004250000 | 0x04250000 | 0x0437ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rpcss.dll | 0x04250000 | 0x042abfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x00000000042c0000 | 0x042c0000 | 0x0430ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004370000 | 0x04370000 | 0x0437ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004380000 | 0x04380000 | 0x043bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000043c0000 | 0x043c0000 | 0x0458ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000043c0000 | 0x043c0000 | 0x044bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000044d0000 | 0x044d0000 | 0x0451ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004550000 | 0x04550000 | 0x0458ffff | Private Memory | Readable, Writable |
|
|
|
- |
| kernelbase.dll.mui | 0x04590000 | 0x0464ffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000046f0000 | 0x046f0000 | 0x0473ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000004740000 | 0x04740000 | 0x0481efff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000004820000 | 0x04820000 | 0x0486ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000048b0000 | 0x048b0000 | 0x048fffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004900000 | 0x04900000 | 0x04a6ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000023860000 | 0x23860000 | 0x28daffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000028db0000 | 0x28db0000 | 0x3385ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000033860000 | 0x33860000 | 0x3785ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x37860000 | 0x37c9ffff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000037ca0000 | 0x37ca0000 | 0x3825ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38260000 | 0x388affff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000388b0000 | 0x388b0000 | 0x38e5ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38e60000 | 0x390cffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000390d0000 | 0x390d0000 | 0x3925ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039260000 | 0x39260000 | 0x3926ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039270000 | 0x39270000 | 0x3965ffff | Private Memory | Readable, Writable |
|
|
|
- |
| awt.dll | 0x6cc60000 | 0x6cda2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| jvm.dll | 0x6cf60000 | 0x6d2dffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winmm.dll | 0x6eae0000 | 0x6eb11fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rasadhlp.dll | 0x6eb20000 | 0x6eb25fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sunec.dll | 0x6f480000 | 0x6f49ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| net.dll | 0x6f4a0000 | 0x6f4b3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| zip.dll | 0x6f4c0000 | 0x6f4d2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nio.dll | 0x6f570000 | 0x6f57efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| java.dll | 0x6f580000 | 0x6f59ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcr100.dll | 0x6f5a0000 | 0x6f65efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| verify.dll | 0x71c10000 | 0x71c1bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wsock32.dll | 0x71ce0000 | 0x71ce6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dhcpcsvc.dll | 0x73360000 | 0x73371fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fwpuclnt.dll | 0x73380000 | 0x733b7fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dhcpcsvc6.dll | 0x733d0000 | 0x733dcfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winnsi.dll | 0x734c0000 | 0x734c6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| iphlpapi.dll | 0x734d0000 | 0x734ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nlaapi.dll | 0x735e0000 | 0x735effff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winrnr.dll | 0x73c20000 | 0x73c27fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pnrpnsp.dll | 0x73c30000 | 0x73c41fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| napinsp.dll | 0x73c60000 | 0x73c6ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x74250000 | 0x743edfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshtcpip.dll | 0x74850000 | 0x74854fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| userenv.dll | 0x74920000 | 0x74936fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dnsapi.dll | 0x74bc0000 | 0x74c03fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wship6.dll | 0x74cf0000 | 0x74cf5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| mswsock.dll | 0x74d00000 | 0x74d3bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| profapi.dll | 0x75270000 | 0x7527afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| psapi.dll | 0x77260000 | 0x77264fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffad000 | 0x7ffad000 | 0x7ffadfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffae000 | 0x7ffae000 | 0x7ffaefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffaf000 | 0x7ffaf000 | 0x7ffaffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd3000 | 0x7ffd3000 | 0x7ffd3fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd5000 | 0x7ffd5000 | 0x7ffd5fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd6000 | 0x7ffd6000 | 0x7ffd6fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
|
For performance reasons, the remaining 25 entries are omitted.
The remaining entries can be found in flog.txt. |
||||||||
Created Files
| Filename | File Size | Hash Values | YARA Match | Actions |
|---|---|---|---|---|
| c:\users\eebsym5\appdata\local\temp\retrive2551337130529148691.vbs | 0.27 KB |
MD5:
3bdfd33017806b85949b6faa7d4b98e4
SHA1: f92844fee69ef98db6e68931adfaa9a0a0f8ce66 SHA256: 9da575dd2d5b7c1e9bab8b51a16cde457b3371c6dcdb0537356cf1497fa868f6 |
|
|
| c:\users\eebsym5\appdata\local\temp\retrive2742094931696724792.vbs | 0.27 KB |
MD5:
a32c109297ed1ca155598cd295c26611
SHA1: dc4a1fdbaad15ddd6fe22d3907c6b03727b71510 SHA256: 45bfe34aa3ef932f75101246eb53d032f5e7cf6d1f5b4e495334955a255f32e7 |
|
|
| c:\windows\system32\test.txt | 0.84 KB |
MD5:
3d0e087dfb49330b60853005578fb212
SHA1: 67fdc16a3019e0283bc362e60260ab309710f80c SHA256: 8378e312f7d1dc47b3d75335dd0287fe32fbf5ccdbb4810396f911fb5dcd6e8c |
|
|
| c:\users\eebsym5\futkaleatxm\id.txt | 0.05 KB |
MD5:
4ccee4a6fd5867cfa215138a8b045386
SHA1: 96fb6d9a48b81b8bd058c80c4fa4e3484d1a61d2 SHA256: ff4a8660585a9a7e79d9491f4f132a31065420770c0c3b4830af8a482b5f7afa |
|
|
| c:\windows\system32\test.txt | 0.50 KB |
MD5:
e11224734ee902942414452d70f4c37e
SHA1: f3b08e822a82bb114468daa417467162605b61d8 SHA256: 03db1dad19141bc88f6174698ea62584f304d4c389237c5377e1b3d94012543e |
|
|
Threads
Thread 0xab4
2617
5
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6cf60000 |
|
1 | |
| Module | Get Address | module_name = c:\program files\java\jre7\bin\client\jvm.dll, function = JVM_GetVersionInfo, address_out = 0x6d04d980 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = GetNativeSystemInfo, address_out = 0x76f0be77 |
|
1 | |
| System | Get Info | type = Hardware Information |
|
2 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\EEBsYm5\Desktop, type = REG_SZ |
|
1 | |
| Module | Get Handle | module_name = c:\program files\java\jre7\bin\client\jvm.dll, base_address = 0x6cf60000 |
|
1 | |
| Module | Get Filename | module_name = c:\program files\java\jre7\bin\client\jvm.dll, process_name = c:\program files\java\jre7\bin\java.exe, file_name_orig = C:\Program Files\Java\jre7\bin\client\jvm.dll, size = 260 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\rt.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1781193, size_out = 1781193 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 709, size_out = 709 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 277, size_out = 277 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2305, size_out = 2305 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1022, size_out = 1022 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2882, size_out = 2882 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 104, size_out = 104 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 728, size_out = 728 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 345, size_out = 345 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000, flags = GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = GetFinalPathNameByHandleW, address_out = 0x76f04e2a |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 815, size_out = 815 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\zip.dll, type = file_attributes |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1105, size_out = 1105 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1761, size_out = 1761 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 514, size_out = 514 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 970, size_out = 970 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2589, size_out = 2589 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1008, size_out = 1008 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2004, size_out = 2004 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 669, size_out = 669 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 829 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, type = size, size_out = 829 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 962, size_out = 962 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 934, size_out = 934 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1720, size_out = 1720 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1012, size_out = 1012 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3028, size_out = 3028 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2976, size_out = 2976 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 672, size_out = 672 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1189, size_out = 1189 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2646, size_out = 2646 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\meta-index, size = 8192, size_out = 0 |
|
1 | |
| File | Get Info | filename = C:\Windows\Sun\Java\lib\ext\meta-index, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 966, size_out = 966 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 800, size_out = 800 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1280, size_out = 1280 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 609, size_out = 609 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 628, size_out = 628 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 328, size_out = 328 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 327, size_out = 327 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = file_attributes |
|
3 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\management\usagetracker.properties, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12212, size_out = 12212 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 748, size_out = 748 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6630, size_out = 6630 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3392, size_out = 3392 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = time |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 6113, size_out = 6113 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 476, size_out = 476 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2703, size_out = 2703 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 753, size_out = 753 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3690, size_out = 3690 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3361, size_out = 3361 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3599, size_out = 3599 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 260, size_out = 260 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1899, size_out = 1899 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 678, size_out = 678 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 161, size_out = 161 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1909, size_out = 1909 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 670, size_out = 670 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 762, size_out = 762 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1016, size_out = 1016 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 921, size_out = 921 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1133, size_out = 1133 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\access-bridge.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\dnsns.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\jaccess.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\localedata.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunpkcs11.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\zipfs.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = time |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 6113, size_out = 6113 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 161, size_out = 161 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 161, size_out = 161 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 263, size_out = 263 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 729, size_out = 729 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 17, size_out = 17 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 243, size_out = 243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 315, size_out = 315 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 437, size_out = 437 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 439, size_out = 439 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 342, size_out = 342 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 802, size_out = 802 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1127, size_out = 1127 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\meta-index, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib, type = file_attributes |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 2190 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\meta-index, type = size, size_out = 2190 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\meta-index, size = 8192, size_out = 0 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\meta-index, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
3 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
2 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\resources.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\sunrsasign.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jsse.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\charsets.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jfr.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\classes, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = time |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 1468, size_out = 1468 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1486, size_out = 1486 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 258, size_out = 258 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2351, size_out = 2351 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 877, size_out = 877 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 645, size_out = 645 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6444, size_out = 6444 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1453, size_out = 1453 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 513, size_out = 513 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4556, size_out = 4556 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\security\java.security, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 8192 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 1440 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\java.security, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\java.security, type = size, size_out = 17824 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\java.security, size = 8192, size_out = 0 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2345, size_out = 2345 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\jsse.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 13694, size_out = 13694 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1056, size_out = 1056 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3940, size_out = 3940 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5672, size_out = 5672 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 844, size_out = 844 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 803, size_out = 803 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2601, size_out = 2601 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6732, size_out = 6732 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 732, size_out = 732 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 454, size_out = 454 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 457, size_out = 457 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 973, size_out = 973 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 308, size_out = 308 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 381, size_out = 381 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 310, size_out = 310 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3431, size_out = 3431 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 382, size_out = 382 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 281, size_out = 281 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 131, size_out = 131 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5929, size_out = 5929 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 405, size_out = 405 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 17, size_out = 17 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 182, size_out = 182 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 258, size_out = 258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 3, size_out = 3 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 354, size_out = 354 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 3, size_out = 3 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 645, size_out = 645 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 17, size_out = 17 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 380, size_out = 380 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 17, size_out = 17 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 512, size_out = 512 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\jce.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 6708, size_out = 6708 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1693, size_out = 1693 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1351, size_out = 1351 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1358, size_out = 1358 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1240, size_out = 1240 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 590, size_out = 590 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 525, size_out = 525 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2666, size_out = 2666 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 314, size_out = 314 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 951, size_out = 951 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 10594, size_out = 10594 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3882, size_out = 3882 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3549, size_out = 3549 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1381, size_out = 1381 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8211, size_out = 8211 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1075, size_out = 1075 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3695, size_out = 3695 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2117, size_out = 2117 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 346, size_out = 346 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 576, size_out = 576 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 24203, size_out = 24203 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 13092, size_out = 13092 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 623, size_out = 623 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3174, size_out = 3174 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2257, size_out = 2257 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1621, size_out = 1621 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2563, size_out = 2563 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2395, size_out = 2395 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 14258, size_out = 14258 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 853, size_out = 853 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 967, size_out = 967 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3914, size_out = 3914 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5828, size_out = 5828 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 12814, size_out = 12814 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4077, size_out = 4077 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2399, size_out = 2399 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2181, size_out = 2181 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2812, size_out = 2812 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 278, size_out = 278 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6713, size_out = 6713 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 265, size_out = 265 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6705, size_out = 6705 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3395, size_out = 3395 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1337, size_out = 1337 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5120, size_out = 5120 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 374, size_out = 374 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1663, size_out = 1663 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4945, size_out = 4945 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2801, size_out = 2801 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2263, size_out = 2263 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4843, size_out = 4843 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2266, size_out = 2266 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3589, size_out = 3589 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3217, size_out = 3217 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2498, size_out = 2498 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2363, size_out = 2363 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 631, size_out = 631 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 866, size_out = 866 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 282, size_out = 282 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3850, size_out = 3850 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 591, size_out = 591 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 907, size_out = 907 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3908, size_out = 3908 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8490, size_out = 8490 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 444, size_out = 444 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1731, size_out = 1731 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4645, size_out = 4645 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11624, size_out = 11624 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 915, size_out = 915 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 687, size_out = 687 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 11725, size_out = 11725 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1715, size_out = 1715 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1952, size_out = 1952 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1957, size_out = 1957 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1960, size_out = 1960 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1966, size_out = 1966 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 441, size_out = 441 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 723, size_out = 723 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3045, size_out = 3045 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2242, size_out = 2242 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 387, size_out = 387 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6064, size_out = 6064 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1369, size_out = 1369 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4032, size_out = 4032 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6002, size_out = 6002 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6001, size_out = 6001 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2439, size_out = 2439 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 144, size_out = 144 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1559, size_out = 1559 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 499, size_out = 499 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 734, size_out = 734 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 390, size_out = 390 |
|
1 | |
| File | Get Info | filename = C:\Program%20Files\Java\jre7\lib\ext\x86\sunec.dll, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program%20Files\Java\jre7\lib\ext\sunec.dll, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\sunec.dll, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1434, size_out = 1434 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 454, size_out = 454 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 5439, size_out = 5439 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 619, size_out = 619 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 10470, size_out = 10470 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 735, size_out = 735 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4170, size_out = 4170 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 817, size_out = 817 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 331, size_out = 331 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2357, size_out = 2357 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 187, size_out = 187 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3665, size_out = 3665 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3856, size_out = 3856 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 333, size_out = 333 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\rt.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\rt.jar, type = time |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\jce.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\jce.jar, type = time |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 2915, size_out = 2915 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 328, size_out = 328 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 350, size_out = 350 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160 |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 213, size_out = 213 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 1319, size_out = 1319 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 151, size_out = 151 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 92, size_out = 92 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 47, size_out = 47 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\US_export_policy.jar, size = 115, size_out = 115 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 502, size_out = 502 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 807, size_out = 807 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 530, size_out = 530 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 1987, size_out = 1987 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 706, size_out = 706 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 4096, size_out = 4096 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3777, size_out = 3777 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3082, size_out = 3082 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4270, size_out = 4270 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8559, size_out = 8559 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6031, size_out = 6031 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes |
|
1 | |
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 671, size_out = 671 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1961, size_out = 1961 |
|
1 | |
| DNS | Get Hostname | name_out = cRh2YWu7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3287, size_out = 3287 |
|
1 | |
| DNS | Resolve Name | host = cRh2YWu7, address_out = fe80:0000:0000:0000:48d9:542c:fc57:360f, 192.168.0.222 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 383, size_out = 383 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3661, size_out = 3661 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 292, size_out = 292 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 389, size_out = 389 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 411, size_out = 411 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 194, size_out = 194 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 242, size_out = 242 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 1318, size_out = 1318 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 153, size_out = 153 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 209, size_out = 209 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 883, size_out = 883 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 994, size_out = 994 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 780, size_out = 780 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\security\local_policy.jar, size = 206, size_out = 206 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 533, size_out = 533 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 775, size_out = 775 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, type = time |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 301, size_out = 301 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 8192, size_out = 8192 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3596, size_out = 3596 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 3529, size_out = 3529 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1137, size_out = 1137 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1486, size_out = 1486 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1009, size_out = 1009 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1052, size_out = 1052 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 269, size_out = 269 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1438, size_out = 1438 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2684, size_out = 2684 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 157, size_out = 157 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 902, size_out = 902 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1516, size_out = 1516 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 925, size_out = 925 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1403, size_out = 1403 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 684, size_out = 684 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2171, size_out = 2171 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1421, size_out = 1421 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 694, size_out = 694 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 171, size_out = 171 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1111, size_out = 1111 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 814, size_out = 814 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 608, size_out = 608 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 677, size_out = 677 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 274, size_out = 274 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1343, size_out = 1343 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 541, size_out = 541 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2912, size_out = 2912 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1249, size_out = 1249 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1311, size_out = 1311 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 265, size_out = 265 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 1605, size_out = 1605 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 557, size_out = 557 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 173, size_out = 173 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 2789, size_out = 2789 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar, size = 230, size_out = 230 |
|
1 | |
|
For performance reasons, the remaining 1499 entries are omitted.
The remaining entries can be found in glog.xml. |
|||||
Thread 0xad4
3
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 541, size_out = 541 |
|
1 |
Thread 0xb3c
33
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Load | module_name = COMCTL32.dll, base_address = 0x74250000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll, function = InitCommonControlsEx, address_out = 0x742709ce |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = LoadIconW, address_out = 0x769cf142 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = RegisterClassW, address_out = 0x769ced4a |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = GetDC, address_out = 0x769d544c |
|
1 | |
| Module | Load | module_name = GDI32.dll, base_address = 0x76970000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\gdi32.dll, function = GetDeviceCaps, address_out = 0x76976f7f |
|
2 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = ReleaseDC, address_out = 0x769d5421 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = CreateWindowExW, address_out = 0x769cec7c |
|
1 | |
| Window | Create | window_name = theAwtToolkitWindow, class_name = SunAwtToolkit, wndproc_parameter = 0 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = DefWindowProcW, address_out = 0x769d507d |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = SetWindowsHookExW, address_out = 0x769ce30c |
|
1 | |
| System | Register Hook | type = WH_GETMESSAGE, hookproc_address = 0x6ccf1da0 |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = OleInitialize, address_out = 0x76d8efd7 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 569, size_out = 569 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 333, size_out = 333 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = WaitMessage, address_out = 0x769d66bd |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PeekMessageW, address_out = 0x769d634a |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = EnumThreadWindows, address_out = 0x769cb712 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PostMessageW, address_out = 0x769d447b |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = CallNextHookEx, address_out = 0x769cabe1 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = PostQuitMessage, address_out = 0x769cb308 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = OleUninitialize, address_out = 0x76d8eba1 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = GetMessageW, address_out = 0x769dcde8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = IsWindow, address_out = 0x769d53ba |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = DestroyWindow, address_out = 0x769cb2f4 |
|
1 |
Thread 0xb40
357
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 16, size_out = 16 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, size = 390, size_out = 390 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 448, size_out = 448 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4013, size_out = 4013 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1566, size_out = 1566 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 402, size_out = 402 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1366, size_out = 1366 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 9311, size_out = 9311 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3572, size_out = 3572 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1619, size_out = 1619 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2404, size_out = 2404 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3013, size_out = 3013 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1708, size_out = 1708 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2879, size_out = 2879 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1285, size_out = 1285 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1398, size_out = 1398 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1090, size_out = 1090 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3789, size_out = 3789 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 436, size_out = 436 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 792, size_out = 792 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 384, size_out = 384 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 78, size_out = 78 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1217, size_out = 1217 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 480, size_out = 480 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 622, size_out = 622 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 76, size_out = 76 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 527, size_out = 527 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4051, size_out = 4051 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7991, size_out = 7991 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 704, size_out = 704 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8401, size_out = 8401 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2096, size_out = 2096 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2691, size_out = 2691 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1111, size_out = 1111 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1664, size_out = 1664 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, size = 276 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 6028, size_out = 6028 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7832, size_out = 7832 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 382, size_out = 382 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5512, size_out = 5512 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 949, size_out = 949 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1167, size_out = 1167 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1731, size_out = 1731 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1427, size_out = 1427 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1429, size_out = 1429 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, os_pid = 0xb48, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1873, size_out = 1873 |
|
1 | |
| File | Read | size = 8192, size_out = 108 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | size = 8192, size_out = 0 |
|
1 | |
| Process | Terminate | exit_code = 1 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, type = file_attributes |
|
1 | |
| File | Delete | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, FILE_FLAG_OPEN_REPARSE_POINT, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 281 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, os_pid = 0xbac, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | size = 8192, size_out = 108 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | size = 8192, size_out = 0 |
|
1 | |
| Process | Terminate | exit_code = 1 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_attributes |
|
1 | |
| File | Delete | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Windows\System32\test.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Windows\System32\test.txt, size = 859 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| File | Create Pipe | pipe_name = Anonymous read pipe, size = 4120 |
|
1 | |
| Process | Create | process_name = cmd.exe, os_pid = 0xc1c, creation_flags = CREATE_UNICODE_ENVIRONMENT, CREATE_NO_WINDOW, startup_flags = STARTF_USESTDHANDLES, show_window = SW_HIDE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 445, size_out = 445 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1797, size_out = 1797 |
|
1 | |
| File | Write | size = 131 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 36 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 2 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 63 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 2 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 2 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 25 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 131 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 95 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 8192, size_out = 24 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1396, size_out = 1396 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 582, size_out = 582 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 46400, size_out = 46400 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 263, size_out = 263 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 357, size_out = 357 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5472, size_out = 5472 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3241, size_out = 3241 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 784, size_out = 784 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1886, size_out = 1886 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5529, size_out = 5529 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes |
|
3 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1188, size_out = 1188 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 213, size_out = 213 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 878, size_out = 878 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7520, size_out = 7520 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 8446, size_out = 8446 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\management.dll, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5830, size_out = 5830 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1929, size_out = 1929 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 519, size_out = 519 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 855, size_out = 855 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 413, size_out = 413 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 300, size_out = 300 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 152, size_out = 152 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1206, size_out = 1206 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 7192, size_out = 7192 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 536, size_out = 536 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 22580, size_out = 22580 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 325, size_out = 325 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2388, size_out = 2388 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1746, size_out = 1746 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 845, size_out = 845 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 14934, size_out = 14934 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 322, size_out = 322 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1032, size_out = 1032 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 773, size_out = 773 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 122, size_out = 122 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\_0.86996859035608224741331762670039370.class, type = time |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\fUTkALeaTxM, type = file_attributes |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\fUTkALeaTxM |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\fUTkALeaTxM\ID.txt, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3759, size_out = 3759 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 348, size_out = 348 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\fUTkALeaTxM\ID.txt, desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Write | filename = C:\Users\EEBsYm5\fUTkALeaTxM\ID.txt, size = 47 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\fUTkALeaTxM\DdWDtpinxpf, type = file_attributes |
|
2 | |
| File | Create Directory | C:\Users\EEBsYm5\fUTkALeaTxM\DdWDtpinxpf |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\fUTkALeaTxM\DdWDtpinxpf, type = file_attributes |
|
3 |
Thread 0xc50
269
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 26461, size_out = 26461 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 4540, size_out = 4540 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1995, size_out = 1995 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\net.dll, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1261, size_out = 1261 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4115, size_out = 4115 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2598, size_out = 2598 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 11029, size_out = 11029 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 296, size_out = 296 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1028, size_out = 1028 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 17440, size_out = 17440 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3033, size_out = 3033 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 861, size_out = 861 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2660, size_out = 2660 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1444, size_out = 1444 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1192, size_out = 1192 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 7071, size_out = 7071 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2038, size_out = 2038 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2049, size_out = 2049 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1627, size_out = 1627 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 8760, size_out = 8760 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3164, size_out = 3164 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 2552, size_out = 2552 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1600, size_out = 1600 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 109, size_out = 109 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 235, size_out = 235 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 2863, size_out = 2863 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 443, size_out = 443 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 837, size_out = 837 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 3196, size_out = 3196 |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, type = time |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1262, size_out = 1262 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 590, size_out = 590 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 525, size_out = 525 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 590, size_out = 590 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 525, size_out = 525 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1320, size_out = 1320 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1812, size_out = 1812 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 240, size_out = 240 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1434, size_out = 1434 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 2863, size_out = 2863 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 242, size_out = 242 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 390, size_out = 390 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 242, size_out = 242 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1989, size_out = 1989 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 837, size_out = 837 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 734, size_out = 734 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 235, size_out = 235 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 5122, size_out = 5122 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 285, size_out = 285 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 889, size_out = 889 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3271, size_out = 3271 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 496, size_out = 496 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunec.jar, size = 1812, size_out = 1812 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 302, size_out = 302 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 23927, size_out = 23927 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1227, size_out = 1227 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 761, size_out = 761 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 107, size_out = 107 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2146, size_out = 2146 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 975, size_out = 975 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 2114, size_out = 2114 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3293, size_out = 3293 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jce.jar, size = 634, size_out = 634 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 725, size_out = 725 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 859, size_out = 859 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 745, size_out = 745 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 1326, size_out = 1326 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 4319, size_out = 4319 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 595, size_out = 595 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 626, size_out = 626 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 763, size_out = 763 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, file_attributes = FILE_FLAG_BACKUP_SEMANTICS, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE, FILE_SHARE_DELETE |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = time |
|
1 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 4, size_out = 4 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 128, size_out = 128 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 2191, size_out = 2191 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 103, size_out = 103 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 913, size_out = 913 |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 852, size_out = 852 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 1319, size_out = 1319 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 103, size_out = 103 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 1269, size_out = 1269 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, type = file_attributes |
|
2 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar, size = 404, size_out = 404 |
|
1 | |
| File | Get Info | filename = C:\Program%20Files\Java\jre7\lib\ext\x86\sunmscapi.dll, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program%20Files\Java\jre7\lib\ext\sunmscapi.dll, type = file_attributes |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\bin\sunmscapi.dll, type = file_attributes |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1399, size_out = 1399 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 3618, size_out = 3618 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1507, size_out = 1507 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 8099, size_out = 8099 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 964, size_out = 964 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 1312, size_out = 1312 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\jsse.jar, size = 5799, size_out = 5799 |
|
1 | |
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 686, size_out = 686 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\net.properties, type = file_attributes |
|
2 | |
| File | Create | filename = C:\Program Files\Java\jre7\lib\net.properties, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\net.properties, size = 8192, size_out = 3070 |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\net.properties, type = file_type |
|
1 | |
| File | Get Info | filename = C:\Program Files\Java\jre7\lib\net.properties, type = size, size_out = 3070 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\net.properties, size = 8192, size_out = 0 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 3605, size_out = 3605 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 331, size_out = 331 |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 160, size_out = 160 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 30, size_out = 30 |
|
1 | |
| File | Read | filename = C:\Program Files\Java\jre7\lib\rt.jar, size = 278, size_out = 278 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xc58
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xc5c
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xcdc
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xd6c
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xda8
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xdb0
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xdbc
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xdc0
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xdc4
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xdc8
0
3
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Connect | remote_address = 0000:0000:0000:0000:0000:ffff:7f00:0001, remote_port = 7777 |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 |
Thread 0xe28
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Address | module_name = c:\windows\system32\user32.dll, function = SendMessageW, address_out = 0x769d5539 |
|
1 | |
| System | Sleep | duration = 100 milliseconds (0.100 seconds) |
|
1 |
Process #3: cmd.exe
56
0
| Information | Value |
|---|---|
| ID | #3 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:12, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:29 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xae8 |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
AEC
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000d0000 | 0x000d0000 | 0x000d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000e0000 | 0x000e0000 | 0x000e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x00100000 | 0x00121fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| private_0x0000000000130000 | 0x00130000 | 0x0022ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000230000 | 0x00230000 | 0x002f7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| cscript.exe.mui | 0x00300000 | 0x00302fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000320000 | 0x00320000 | 0x0032ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003a0000 | 0x003a0000 | 0x0049ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000004a0000 | 0x004a0000 | 0x005a0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000005b0000 | 0x005b0000 | 0x011affff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000011b0000 | 0x011b0000 | 0x01312fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x01320000 | 0x015eefff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a090000 | 0x4a0dbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f550000 | 0x6f556fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd5000 | 0x7ffd5000 | 0x7ffd5fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xaec
56
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:37 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 136781 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a090000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 232, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Get Info | filename = cscript.exe, type = file_attributes |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Process | Create | process_name = C:\Windows\system32\cscript.exe, os_pid = 0xb00, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL |
|
1 | |
| Environment | Set Environment String | name = COPYCMD |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCode, value = 00000000 |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCodeAscii |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #4: cscript.exe
82
0
| Information | Value |
|---|---|
| ID | #4 |
| File Name | c:\windows\system32\cscript.exe |
| Command Line | cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:13, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:28 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xb00 |
| Parent PID | 0xae8 (c:\windows\system32\cmd.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
B04
0x
B08
0x
B0C
0x
B14
0x
B20
0x
B28
0x
B2C
0x
B30
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00040000 | 0x000a6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000b0000 | 0x000b0000 | 0x000b6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000d0000 | 0x000d0000 | 0x000dffff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe.mui | 0x000e0000 | 0x000e2fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000100000 | 0x00100000 | 0x00100fff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x00110000 | 0x0011bfff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000120000 | 0x00120000 | 0x00120fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000130000 | 0x00130000 | 0x0022ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000230000 | 0x00230000 | 0x002f7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000300000 | 0x00300000 | 0x00400fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000410000 | 0x00410000 | 0x00410fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000420000 | 0x00420000 | 0x0051ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rpcss.dll | 0x00520000 | 0x0057bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000520000 | 0x00520000 | 0x0056ffff | Private Memory | Readable, Writable |
|
|
|
- |
| retrive6349682593628295348.vbs | 0x00520000 | 0x00520fff | Memory Mapped File | Readable |
|
|
|
|
| private_0x0000000000520000 | 0x00520000 | 0x0052ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000530000 | 0x00530000 | 0x0056ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rsaenh.dll | 0x00570000 | 0x005abfff | Memory Mapped File | Readable |
|
|
|
- |
| retrive6349682593628295348.vbs | 0x00570000 | 0x00570fff | Memory Mapped File | Readable |
|
|
|
|
| private_0x0000000000570000 | 0x00570000 | 0x0059ffff | Private Memory | Readable, Writable |
|
|
|
- |
| wbemdisp.tlb | 0x00570000 | 0x0057efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000590000 | 0x00590000 | 0x0059ffff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x005f0000 | 0x00611fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000620000 | 0x00620000 | 0x0121ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000001220000 | 0x01220000 | 0x012fefff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000001380000 | 0x01380000 | 0x0147ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x01480000 | 0x0174efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001750000 | 0x01750000 | 0x0184ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001850000 | 0x01850000 | 0x0194ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001a20000 | 0x01a20000 | 0x01b1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001b20000 | 0x01b20000 | 0x01f1ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001f20000 | 0x01f20000 | 0x020cffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001f20000 | 0x01f20000 | 0x0207ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001f40000 | 0x01f40000 | 0x0203ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002040000 | 0x02040000 | 0x0207ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002090000 | 0x02090000 | 0x020cffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000020f0000 | 0x020f0000 | 0x021effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002220000 | 0x02220000 | 0x0231ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002470000 | 0x02470000 | 0x0256ffff | Private Memory | Readable, Writable |
|
|
|
- |
| wbemdisp.dll | 0x6d500000 | 0x6d530fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| scrobj.dll | 0x6dad0000 | 0x6dafcfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wmiutils.dll | 0x6f390000 | 0x6f3a6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x6f3c0000 | 0x6f443fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshext.dll | 0x6f450000 | 0x6f465fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| vbscript.dll | 0x6f4e0000 | 0x6f54afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msisip.dll | 0x6f560000 | 0x6f567fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemsvc.dll | 0x6f7c0000 | 0x6f7cefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemprox.dll | 0x6fa20000 | 0x6fa29fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdsapi.dll | 0x6fa30000 | 0x6fa47fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fastprox.dll | 0x6fa50000 | 0x6fae5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemcomn.dll | 0x6fc20000 | 0x6fc7bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| version.dll | 0x747c0000 | 0x747c8fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sxs.dll | 0x751d0000 | 0x7522efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrtremote.dll | 0x75260000 | 0x7526dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wintrust.dll | 0x752f0000 | 0x7531cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| clbcatq.dll | 0x766d0000 | 0x76752fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xb04
80
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:37 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 137140 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cscript.exe, base_address = 0x5f0000 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 132, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x76f24157 |
|
1 | |
| Module | Get Filename | module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 226, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 226, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 108 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\.vbs |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ |
|
1 | |
| COM | Create | interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x76db9d0b |
|
1 | |
| COM | Create | interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Time | type = Ticks, time = 137889 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, type = size |
|
1 | |
| Module | Create Mapping | module_name = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, protection = PAGE_READONLY, maximum_size = 276 |
|
1 | |
| Module | Map | C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Unmap | process_name = c:\windows\system32\cscript.exe |
|
1 | |
| System | Get Info | type = System Directory |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x76fd2102 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x76fd3352 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x76fd3825 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, type = size |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive6349682593628295348.vbs, size = 276, size_out = 276 |
|
1 | |
| COM | Create | interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x76db6d2c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x76d7cea9 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3 |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x76fbca24 |
|
1 | |
| COM | Create | interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| COM | Create | interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER |
|
5 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x76d7c6a7 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 |
Thread 0xb0c
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Window | Create | class_name = WSH-Timer, wndproc_parameter = 860800 |
|
1 | |
| Window | Set Attribute | class_name = WSH-Timer, index = 18446744073709551595, new_long = 860800 |
|
1 |
Process #6: cmd.exe
56
0
| Information | Value |
|---|---|
| ID | #6 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:20, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:21 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xb48 |
| Parent PID | 0xa9c (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
B4C
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x00187fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000190000 | 0x00190000 | 0x00196fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000001a0000 | 0x001a0000 | 0x001a1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001b0000 | 0x001b0000 | 0x001b0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001c0000 | 0x001c0000 | 0x001c0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001d0000 | 0x001d0000 | 0x001dffff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe.mui | 0x001e0000 | 0x001e2fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000001f0000 | 0x001f0000 | 0x002effff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000002f0000 | 0x002f0000 | 0x003f0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| cscript.exe | 0x00400000 | 0x00421fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| private_0x0000000000430000 | 0x00430000 | 0x0052ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000530000 | 0x00530000 | 0x0112ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000001130000 | 0x01130000 | 0x01292fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x012a0000 | 0x0156efff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a090000 | 0x4a0dbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f550000 | 0x6f556fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xb4c
56
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141274 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a090000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 232, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Get Info | filename = cscript.exe, type = file_attributes |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Process | Create | process_name = C:\Windows\system32\cscript.exe, os_pid = 0xb60, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL |
|
1 | |
| Environment | Set Environment String | name = COPYCMD |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCode, value = 00000000 |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCodeAscii |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #7: cscript.exe
82
0
| Information | Value |
|---|---|
| ID | #7 |
| File Name | c:\windows\system32\cscript.exe |
| Command Line | cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:20, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:21 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xb60 |
| Parent PID | 0xb48 (c:\windows\system32\cmd.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
B64
0x
B68
0x
B6C
0x
B74
0x
B78
0x
B88
0x
B94
0x
B98
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00040000 | 0x000a6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000b0000 | 0x000b0000 | 0x000b6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000000c0000 | 0x000c0000 | 0x000cffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000000d0000 | 0x000d0000 | 0x000d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| cscript.exe.mui | 0x000e0000 | 0x000e2fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x001effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001f0000 | 0x001f0000 | 0x001f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000200000 | 0x00200000 | 0x002fffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000300000 | 0x00300000 | 0x003c7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000003d0000 | 0x003d0000 | 0x004d0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000004e0000 | 0x004e0000 | 0x004e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| rpcss.dll | 0x004f0000 | 0x0054bfff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000004f0000 | 0x004f0000 | 0x005cefff | Pagefile Backed Memory | Readable |
|
|
|
- |
| cscript.exe | 0x005d0000 | 0x005dbfff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000005e0000 | 0x005e0000 | 0x005e0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| cscript.exe | 0x005f0000 | 0x00611fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000620000 | 0x00620000 | 0x0121ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000001220000 | 0x01220000 | 0x013dffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001220000 | 0x01220000 | 0x01220fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| retrive2551337130529148691.vbs | 0x01230000 | 0x01230fff | Memory Mapped File | Readable |
|
|
|
|
| rsaenh.dll | 0x01230000 | 0x0126bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001230000 | 0x01230000 | 0x0123ffff | Private Memory | Readable, Writable |
|
|
|
- |
| retrive2551337130529148691.vbs | 0x01240000 | 0x01240fff | Memory Mapped File | Readable |
|
|
|
|
| private_0x0000000001240000 | 0x01240000 | 0x0137ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001240000 | 0x01240000 | 0x0133ffff | Private Memory | Readable, Writable |
|
|
|
- |
| wbemdisp.tlb | 0x01340000 | 0x0134efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001370000 | 0x01370000 | 0x0137ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000013a0000 | 0x013a0000 | 0x013dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001430000 | 0x01430000 | 0x0152ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x01530000 | 0x017fefff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001800000 | 0x01800000 | 0x0185ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000018f0000 | 0x018f0000 | 0x019effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000019f0000 | 0x019f0000 | 0x01a8ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001a90000 | 0x01a90000 | 0x01b8ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001b90000 | 0x01b90000 | 0x01f8ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000020a0000 | 0x020a0000 | 0x0219ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000021a0000 | 0x021a0000 | 0x0229ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000023e0000 | 0x023e0000 | 0x024dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000025b0000 | 0x025b0000 | 0x026affff | Private Memory | Readable, Writable |
|
|
|
- |
| comctl32.dll | 0x6d380000 | 0x6d403fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wmiutils.dll | 0x6f390000 | 0x6f3a6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemdisp.dll | 0x6f3d0000 | 0x6f400fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| scrobj.dll | 0x6f410000 | 0x6f43cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshext.dll | 0x6f440000 | 0x6f455fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msisip.dll | 0x6f460000 | 0x6f467fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| vbscript.dll | 0x6f4e0000 | 0x6f54afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemsvc.dll | 0x6f7c0000 | 0x6f7cefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemprox.dll | 0x6fa20000 | 0x6fa29fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdsapi.dll | 0x6fa30000 | 0x6fa47fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fastprox.dll | 0x6fa50000 | 0x6fae5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemcomn.dll | 0x6fc20000 | 0x6fc7bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| version.dll | 0x747c0000 | 0x747c8fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sxs.dll | 0x751d0000 | 0x7522efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrtremote.dll | 0x75260000 | 0x7526dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wintrust.dll | 0x752f0000 | 0x7531cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| clbcatq.dll | 0x766d0000 | 0x76752fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd3000 | 0x7ffd3000 | 0x7ffd3fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xb64
80
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141336 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cscript.exe, base_address = 0x5f0000 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 36, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 36, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 36, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x76f24157 |
|
1 | |
| Module | Get Filename | module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 118, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 118, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 112, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 112, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 108 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\.vbs |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ |
|
1 | |
| COM | Create | interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x76db9d0b |
|
1 | |
| COM | Create | interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Time | type = Ticks, time = 141399 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, type = size |
|
1 | |
| Module | Create Mapping | module_name = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, protection = PAGE_READONLY, maximum_size = 276 |
|
1 | |
| Module | Map | C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Unmap | process_name = c:\windows\system32\cscript.exe |
|
1 | |
| System | Get Info | type = System Directory |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x76fd2102 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x76fd3352 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x76fd3825 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, type = size |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2551337130529148691.vbs, size = 276, size_out = 276 |
|
1 | |
| COM | Create | interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x76db6d2c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x76d7cea9 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3 |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x76fbca24 |
|
1 | |
| COM | Create | interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| COM | Create | interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER |
|
5 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x76d7c6a7 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 |
Thread 0xb6c
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Window | Create | class_name = WSH-Timer, wndproc_parameter = 795264 |
|
1 | |
| Window | Set Attribute | class_name = WSH-Timer, index = 18446744073709551595, new_long = 795264 |
|
1 |
Process #8: cmd.exe
56
0
| Information | Value |
|---|---|
| ID | #8 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:20, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:21 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xb7c |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
B80
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000d0000 | 0x000d0000 | 0x000d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000e0000 | 0x000e0000 | 0x000e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x00100000 | 0x00121fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cscript.exe.mui | 0x00130000 | 0x00132fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000150000 | 0x00150000 | 0x0024ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000250000 | 0x00250000 | 0x00317fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000320000 | 0x00320000 | 0x0032ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003a0000 | 0x003a0000 | 0x0049ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000004a0000 | 0x004a0000 | 0x005a0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000005b0000 | 0x005b0000 | 0x011affff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000011b0000 | 0x011b0000 | 0x01312fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x01320000 | 0x015eefff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a090000 | 0x4a0dbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f550000 | 0x6f556fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xb80
56
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141555 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a090000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 232, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Get Info | filename = cscript.exe, type = file_attributes |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Process | Create | process_name = C:\Windows\system32\cscript.exe, os_pid = 0xba0, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL |
|
1 | |
| Environment | Set Environment String | name = COPYCMD |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCode, value = 00000000 |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCodeAscii |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #9: cscript.exe
81
0
| Information | Value |
|---|---|
| ID | #9 |
| File Name | c:\windows\system32\cscript.exe |
| Command Line | cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:20, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:21 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xba0 |
| Parent PID | 0xb7c (c:\windows\system32\cmd.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
BA4
0x
BBC
0x
BC4
0x
BC8
0x
BCC
0x
BD8
0x
BDC
0x
BE0
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00040000 | 0x000a6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000b0000 | 0x000b0000 | 0x000b6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| cscript.exe.mui | 0x000d0000 | 0x000d2fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000000e0000 | 0x000e0000 | 0x000e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x00100000 | 0x0010bfff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000110000 | 0x00110000 | 0x00110fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000120000 | 0x00120000 | 0x00120fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| retrive5365638019239783154.vbs | 0x00130000 | 0x00130fff | Memory Mapped File | Readable |
|
|
|
|
| private_0x0000000000130000 | 0x00130000 | 0x0013ffff | Private Memory | Readable, Writable |
|
|
|
- |
| retrive5365638019239783154.vbs | 0x00140000 | 0x00140fff | Memory Mapped File | Readable |
|
|
|
|
| wbemdisp.tlb | 0x00140000 | 0x0014efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000150000 | 0x00150000 | 0x0024ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000250000 | 0x00250000 | 0x00317fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| rpcss.dll | 0x00320000 | 0x0037bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000320000 | 0x00320000 | 0x0038ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000390000 | 0x00390000 | 0x0048ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000490000 | 0x00490000 | 0x00590fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| rsaenh.dll | 0x005a0000 | 0x005dbfff | Memory Mapped File | Readable |
|
|
|
- |
| cscript.exe | 0x005f0000 | 0x00611fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000620000 | 0x00620000 | 0x006fefff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000700000 | 0x00700000 | 0x007fffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000800000 | 0x00800000 | 0x0080ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000810000 | 0x00810000 | 0x0140ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000001540000 | 0x01540000 | 0x0163ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x01640000 | 0x0190efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001940000 | 0x01940000 | 0x01a3ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001af0000 | 0x01af0000 | 0x01beffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001bf0000 | 0x01bf0000 | 0x01feffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001ff0000 | 0x01ff0000 | 0x0212ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002140000 | 0x02140000 | 0x0223ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002240000 | 0x02240000 | 0x023dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002240000 | 0x02240000 | 0x0238ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000023a0000 | 0x023a0000 | 0x023dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000024e0000 | 0x024e0000 | 0x025dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000026d0000 | 0x026d0000 | 0x027cffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000028c0000 | 0x028c0000 | 0x029bffff | Private Memory | Readable, Writable |
|
|
|
- |
| wbemdisp.dll | 0x6d500000 | 0x6d530fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| scrobj.dll | 0x6dad0000 | 0x6dafcfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wmiutils.dll | 0x6f390000 | 0x6f3a6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x6f3c0000 | 0x6f443fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshext.dll | 0x6f450000 | 0x6f465fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| vbscript.dll | 0x6f4e0000 | 0x6f54afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msisip.dll | 0x6f560000 | 0x6f567fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemsvc.dll | 0x6f7c0000 | 0x6f7cefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemprox.dll | 0x6fa20000 | 0x6fa29fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdsapi.dll | 0x6fa30000 | 0x6fa47fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fastprox.dll | 0x6fa50000 | 0x6fae5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemcomn.dll | 0x6fc20000 | 0x6fc7bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| version.dll | 0x747c0000 | 0x747c8fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sxs.dll | 0x751d0000 | 0x7522efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrtremote.dll | 0x75260000 | 0x7526dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wintrust.dll | 0x752f0000 | 0x7531cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| clbcatq.dll | 0x766d0000 | 0x76752fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xba4
79
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141695 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cscript.exe, base_address = 0x5f0000 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 132, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 132, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x76f24157 |
|
1 | |
| Module | Get Filename | module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 41, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 41, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 208, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 108 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\.vbs |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ |
|
1 | |
| COM | Create | interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x76db9d0b |
|
1 | |
| COM | Create | interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Time | type = Ticks, time = 141758 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = size |
|
1 | |
| Module | Create Mapping | module_name = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, protection = PAGE_READONLY, maximum_size = 281 |
|
1 | |
| Module | Map | C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ |
|
1 | |
| Module | Unmap | process_name = c:\windows\system32\cscript.exe |
|
1 | |
| System | Get Info | type = System Directory |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x76fd2102 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x76fd3352 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x76fd3825 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, type = size |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive5365638019239783154.vbs, size = 281, size_out = 281 |
|
1 | |
| COM | Create | interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x76db6d2c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x76d7cea9 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3 |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x76fbca24 |
|
1 | |
| COM | Create | interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| COM | Create | interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER |
|
5 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x76d7c6a7 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 |
Thread 0xbc4
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Window | Create | class_name = WSH-Timer, wndproc_parameter = 8397440 |
|
1 | |
| Window | Set Attribute | class_name = WSH-Timer, index = 18446744073709551595, new_long = 8397440 |
|
1 |
Process #10: cmd.exe
56
0
| Information | Value |
|---|---|
| ID | #10 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe /C cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:20, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:21 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xbac |
| Parent PID | 0xa9c (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
BB0
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000030000 | 0x00030000 | 0x0012ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000130000 | 0x00130000 | 0x00133fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000140000 | 0x00140000 | 0x00140fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00150000 | 0x001b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000001c0000 | 0x001c0000 | 0x001c6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000001d0000 | 0x001d0000 | 0x001d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001e0000 | 0x001e0000 | 0x001e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001f0000 | 0x001f0000 | 0x001f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000200000 | 0x00200000 | 0x0020ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000210000 | 0x00210000 | 0x002d7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| cscript.exe | 0x002e0000 | 0x00301fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cscript.exe.mui | 0x00310000 | 0x00312fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000330000 | 0x00330000 | 0x0042ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000430000 | 0x00430000 | 0x00530fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000540000 | 0x00540000 | 0x0113ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000001140000 | 0x01140000 | 0x012a2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x012b0000 | 0x0157efff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a090000 | 0x4a0dbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f550000 | 0x6f556fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xbb0
56
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141789 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a090000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 232, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Get Info | filename = cscript.exe, type = file_attributes |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Process | Create | process_name = C:\Windows\system32\cscript.exe, os_pid = 0xbd0, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL |
|
1 | |
| Environment | Set Environment String | name = COPYCMD |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCode, value = 00000000 |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Set Environment String | name = =ExitCodeAscii |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #11: cscript.exe
81
0
| Information | Value |
|---|---|
| ID | #11 |
| File Name | c:\windows\system32\cscript.exe |
| Command Line | cscript.exe C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:21, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:20 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xbd0 |
| Parent PID | 0xbac (c:\windows\system32\cmd.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
BD4
0x
BE4
0x
BE8
0x
BEC
0x
BF0
0x
BF8
0x
C04
0x
C08
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000030000 | 0x00030000 | 0x0012ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000130000 | 0x00130000 | 0x00133fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00140000 | 0x001a6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000001b0000 | 0x001b0000 | 0x00277fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000280000 | 0x00280000 | 0x00286fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000290000 | 0x00290000 | 0x00291fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| cscript.exe.mui | 0x002a0000 | 0x002a2fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000002b0000 | 0x002b0000 | 0x002b0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000002c0000 | 0x002c0000 | 0x002c0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000002d0000 | 0x002d0000 | 0x0031ffff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x002d0000 | 0x002dbfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x00000000002e0000 | 0x002e0000 | 0x0031ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000320000 | 0x00320000 | 0x0041ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000420000 | 0x00420000 | 0x00520fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| rpcss.dll | 0x00530000 | 0x0058bfff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000530000 | 0x00530000 | 0x00530fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000540000 | 0x00540000 | 0x00540fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| retrive2742094931696724792.vbs | 0x00550000 | 0x00550fff | Memory Mapped File | Readable |
|
|
|
|
| rsaenh.dll | 0x00550000 | 0x0058bfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000550000 | 0x00550000 | 0x0055ffff | Private Memory | Readable, Writable |
|
|
|
- |
| retrive2742094931696724792.vbs | 0x00560000 | 0x00560fff | Memory Mapped File | Readable |
|
|
|
|
| wbemdisp.tlb | 0x00560000 | 0x0056efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x00000000005c0000 | 0x005c0000 | 0x005cffff | Private Memory | Readable, Writable |
|
|
|
- |
| cscript.exe | 0x005f0000 | 0x00611fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000620000 | 0x00620000 | 0x0121ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000001220000 | 0x01220000 | 0x012fefff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000001320000 | 0x01320000 | 0x0141ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001420000 | 0x01420000 | 0x0148ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000014c0000 | 0x014c0000 | 0x015bffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x015c0000 | 0x0188efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000001940000 | 0x01940000 | 0x01a3ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000001a40000 | 0x01a40000 | 0x01e3ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001f20000 | 0x01f20000 | 0x0201ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002020000 | 0x02020000 | 0x0211ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002120000 | 0x02120000 | 0x0228ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002290000 | 0x02290000 | 0x0243ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000022f0000 | 0x022f0000 | 0x023effff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002400000 | 0x02400000 | 0x0243ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002460000 | 0x02460000 | 0x0255ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000002580000 | 0x02580000 | 0x0267ffff | Private Memory | Readable, Writable |
|
|
|
- |
| wbemdisp.dll | 0x6d3d0000 | 0x6d400fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| scrobj.dll | 0x6d740000 | 0x6d76cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wmiutils.dll | 0x6f390000 | 0x6f3a6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x6f3c0000 | 0x6f443fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshext.dll | 0x6f450000 | 0x6f465fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| vbscript.dll | 0x6f4e0000 | 0x6f54afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msisip.dll | 0x6f560000 | 0x6f567fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemsvc.dll | 0x6f7c0000 | 0x6f7cefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemprox.dll | 0x6fa20000 | 0x6fa29fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdsapi.dll | 0x6fa30000 | 0x6fa47fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fastprox.dll | 0x6fa50000 | 0x6fae5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wbemcomn.dll | 0x6fc20000 | 0x6fc7bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dwmapi.dll | 0x73da0000 | 0x73db2fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| uxtheme.dll | 0x740d0000 | 0x7410ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| version.dll | 0x747c0000 | 0x747c8fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sxs.dll | 0x751d0000 | 0x7522efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrtremote.dll | 0x75260000 | 0x7526dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wintrust.dll | 0x752f0000 | 0x7531cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shell32.dll | 0x75570000 | 0x761b9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| clbcatq.dll | 0x766d0000 | 0x76752fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xbd4
79
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:42 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 141929 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cscript.exe, base_address = 0x5f0000 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 212, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 212, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Enabled, data = 212, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = LogSecuritySuccesses, data = 0, type = REG_NONE |
|
1 | |
| Module | Load | module_name = kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = HeapSetInformation, address_out = 0x76f24157 |
|
1 | |
| Module | Get Filename | module_name = c:\windows\system32\cscript.exe, process_name = c:\windows\system32\cscript.exe, file_name_orig = C:\Windows\system32\cscript.exe, size = 261 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = IgnoreUserSettings, data = 237, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 110, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 237, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = TrustPolicy, data = 110, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = UseWINSAFER, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 32, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 1, type = REG_SZ |
|
1 | |
| Registry | Create Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = Timeout, data = 32, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings, value_name = DisplayLogo, data = 49, type = REG_NONE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 108 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\.vbs |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\.vbs, data = VBSFile, type = REG_SZ |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CLASSES_ROOT\VBSFile\ScriptEngine, data = VBScript, type = REG_SZ |
|
1 | |
| COM | Create | interface = 00000000-0000-0000-C000-000000000046, cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Module | Load | module_name = ole32.dll, base_address = 0x76d70000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CoCreateInstance, address_out = 0x76db9d0b |
|
1 | |
| COM | Create | interface = 6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Time | type = Ticks, time = 142023 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = size |
|
1 | |
| Module | Create Mapping | module_name = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, protection = PAGE_READONLY, maximum_size = 281 |
|
1 | |
| Module | Map | C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, process_name = c:\windows\system32\cscript.exe, desired_access = FILE_MAP_READ |
|
1 | |
| Module | Unmap | process_name = c:\windows\system32\cscript.exe |
|
1 | |
| System | Get Info | type = System Directory |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferIdentifyLevel, address_out = 0x76fd2102 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferComputeTokenFromLevel, address_out = 0x76fd3352 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SaferCloseLevel, address_out = 0x76fd3825 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, type = size |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\AppData\Local\Temp\Retrive2742094931696724792.vbs, size = 281, size_out = 281 |
|
1 | |
| COM | Create | interface = E4D1C9B0-46E8-11D4-A2A6-00104BD35090, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = CreateBindCtx, address_out = 0x76db6d2c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = MkParseDisplayName, address_out = 0x76d7cea9 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Wbem\Scripting, value_name = Default Impersonation Level, data = 3 |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| Module | Load | module_name = C:\Windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = DuplicateTokenEx, address_out = 0x76fbca24 |
|
1 | |
| COM | Create | interface = DC12A687-737F-11CF-884D-00AA004B2E24, cls_context = CLSCTX_INPROC_SERVER |
|
1 | |
| COM | Create | interface = 3BC15AF2-736C-477E-9E51-238AF8667DCC, cls_context = CLSCTX_INPROC_SERVER |
|
5 | |
| Module | Get Address | module_name = c:\windows\system32\ole32.dll, function = BindMoniker, address_out = 0x76d7c6a7 |
|
1 | |
| System | Sleep | duration = -1 (infinite) |
|
1 |
Thread 0xbe8
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Window | Create | class_name = WSH-Timer, wndproc_parameter = 6038144 |
|
1 | |
| Window | Set Attribute | class_name = WSH-Timer, index = 18446744073709551595, new_long = 6038144 |
|
1 |
Process #12: xcopy.exe
0
0
| Information | Value |
|---|---|
| ID | #12 |
| File Name | c:\windows\system32\xcopy.exe |
| Command Line | xcopy "C:\Program Files\Java\jre7" "C:\Users\EEBsYm5\AppData\Roaming\Oracle\" /e |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:21, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:20 |
| Remarks | No high level activity detected in monitored regions |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xbfc |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
C00
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000070000 | 0x00070000 | 0x000affff | Private Memory | Readable, Writable |
|
|
|
- |
| locale.nls | 0x000b0000 | 0x00116fff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000000160000 | 0x00160000 | 0x0016ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001b0000 | 0x001b0000 | 0x002affff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000002b0000 | 0x002b0000 | 0x00377fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| xcopy.exe | 0x00550000 | 0x0055bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ifsutil.dll | 0x6d510000 | 0x6d536fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ulib.dll | 0x6dae0000 | 0x6dafcfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cfgmgr32.dll | 0x75440000 | 0x75466fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| devobj.dll | 0x75470000 | 0x75481fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| setupapi.dll | 0x76490000 | 0x7662cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| oleaut32.dll | 0x76b40000 | 0x76bcefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ole32.dll | 0x76d70000 | 0x76ecbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Process #13: cmd.exe
374
0
| Information | Value |
|---|---|
| ID | #13 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:23, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:18 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xc1c |
| Parent PID | 0xa9c (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
C20
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000030000 | 0x00030000 | 0x0012ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000130000 | 0x00130000 | 0x00133fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000140000 | 0x00140000 | 0x00140fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000150000 | 0x00150000 | 0x00156fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000160000 | 0x00160000 | 0x00161fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000170000 | 0x00170000 | 0x00170fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000180000 | 0x00180000 | 0x00180fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000190000 | 0x00190000 | 0x0028ffff | Private Memory | Readable, Writable |
|
|
|
- |
| locale.nls | 0x00290000 | 0x002f6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000300000 | 0x00300000 | 0x003c7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000490000 | 0x00490000 | 0x0049ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000004a0000 | 0x004a0000 | 0x005a0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000005b0000 | 0x005b0000 | 0x011affff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000011b0000 | 0x011b0000 | 0x01312fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| basebrd.dll | 0x01320000 | 0x013e7fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000013f0000 | 0x013f0000 | 0x017e2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x017f0000 | 0x01abefff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a750000 | 0x4a79bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f560000 | 0x6f566fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xc20
374
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:45 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 144425 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a750000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 224, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 36 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 63 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| Environment | Get Environment String | name = PROMPT, result_out = $P$G |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 25 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 131 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Get Info | filename = STD_ERROR_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Write | filename = STD_ERROR_HANDLE, size = 95 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 24 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 25 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 0 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #14: cmd.exe
374
0
| Information | Value |
|---|---|
| ID | #14 |
| File Name | c:\windows\system32\cmd.exe |
| Command Line | cmd.exe |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:34, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:07 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xc74 |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
C78
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000000d0000 | 0x000d0000 | 0x001cffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000001d0000 | 0x001d0000 | 0x001d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001e0000 | 0x001e0000 | 0x002dffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000002e0000 | 0x002e0000 | 0x002e0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000002f0000 | 0x002f0000 | 0x002f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000003a0000 | 0x003a0000 | 0x003affff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000003b0000 | 0x003b0000 | 0x00477fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000480000 | 0x00480000 | 0x00580fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000590000 | 0x00590000 | 0x0118ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000001190000 | 0x01190000 | 0x012f2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| basebrd.dll | 0x01300000 | 0x013c7fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000013d0000 | 0x013d0000 | 0x017c2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x017d0000 | 0x01a9efff | Memory Mapped File | Readable |
|
|
|
- |
| cmd.exe | 0x4a090000 | 0x4a0dbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winbrand.dll | 0x6f540000 | 0x6f546fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xc78
374
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:55 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 154815 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\cmd.exe, base_address = 0x4a090000 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetThreadUILanguage, address_out = 0x76f224c2 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| Environment | Get Environment String | - |
|
2 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 224, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor, value_name = AutoRun, data = 64, type = REG_NONE |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DisableUNCCheck, data = 64, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DelayedExpansion, data = 1, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Command Processor, value_name = AutoRun, data = 9, type = REG_NONE |
|
1 | |
| Module | Get Filename | process_name = c:\windows\system32\cmd.exe, file_name_orig = C:\Windows\system32\cmd.exe, size = 260 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| Environment | Get Environment String | name = PROMPT |
|
1 | |
| Environment | Set Environment String | name = PROMPT, value = $P$G |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Environment | Get Environment String | name = COMSPEC, result_out = C:\Windows\system32\cmd.exe |
|
1 | |
| Environment | Get Environment String | name = KEYS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\Desktop, type = file_attributes |
|
2 | |
| Environment | Set Environment String | name = =C:, value = C:\Users\EEBsYm5\Desktop |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 36 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 63 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = CopyFileExW, address_out = 0x76f0ac6c |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = IsDebuggerPresent, address_out = 0x76f13ea8 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetConsoleInputExeNameW, address_out = 0x76f22732 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| Environment | Get Environment String | name = PROMPT, result_out = $P$G |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 25 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 1 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 131 |
|
1 | |
| Environment | Get Environment String | name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\ |
|
1 | |
| Environment | Get Environment String | name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Get Info | filename = STD_ERROR_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Write | filename = STD_ERROR_HANDLE, size = 95 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 24 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 2 |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Write | filename = STD_OUTPUT_HANDLE, size = 25 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Read | filename = STD_INPUT_HANDLE, size = 1, size_out = 0 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
2 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 |
Process #15: reg.exe
9
0
| Information | Value |
|---|---|
| ID | #15 |
| File Name | c:\windows\system32\reg.exe |
| Command Line | reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v eUOfVMeBSPH /t REG_EXPAND_SZ /d "\"C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe\" -jar \"C:\Users\EEBsYm5\PKcVbKSqerl\ZpEbztPLUfw.BnNKgj\"" /f |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:37, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:04 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xcec |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
CF0
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x00000000000c0000 | 0x000c0000 | 0x000c6fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x00000000000d0000 | 0x000d0000 | 0x000d1fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| reg.exe.mui | 0x000e0000 | 0x000e8fff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000f0fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000100000 | 0x00100000 | 0x00100fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000110000 | 0x00110000 | 0x0014ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001f0000 | 0x001f0000 | 0x002effff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000002f0000 | 0x002f0000 | 0x003b7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| kernelbase.dll.mui | 0x003c0000 | 0x0047ffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x0000000000490000 | 0x00490000 | 0x0049ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x00000000004a0000 | 0x004a0000 | 0x005a0fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| sortdefault.nls | 0x005b0000 | 0x0087efff | Memory Mapped File | Readable |
|
|
|
- |
| reg.exe | 0x00e00000 | 0x00e51fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000e60000 | 0x00e60000 | 0x01a5ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xcf0
9
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:58 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 158075 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\reg.exe, base_address = 0xe00000 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System |
|
1 | |
| Registry | Create Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, value_name = eUOfVMeBSPH |
|
1 | |
| Registry | Write Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, value_name = eUOfVMeBSPH, data = "C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\EEBsYm5\PKcVbKSqerl\ZpEbztPLUfw.BnNKgj", size = 222, type = REG_EXPAND_SZ |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 |
Process #16: attrib.exe
0
0
| Information | Value |
|---|---|
| ID | #16 |
| File Name | c:\windows\system32\attrib.exe |
| Command Line | attrib +h "C:\Users\EEBsYm5\PKcVbKSqerl\*.*" |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:37, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:04 |
| Remarks | No high level activity detected in monitored regions |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xcf4 |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
CF8
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x0012ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000160000 | 0x00160000 | 0x0025ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000260000 | 0x00260000 | 0x00327fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000003d0000 | 0x003d0000 | 0x003dffff | Private Memory | Readable, Writable |
|
|
|
- |
| attrib.exe | 0x00a80000 | 0x00a86fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ulib.dll | 0x6f4e0000 | 0x6f4fcfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Process #17: attrib.exe
0
0
| Information | Value |
|---|---|
| ID | #17 |
| File Name | c:\windows\system32\attrib.exe |
| Command Line | attrib +h "C:\Users\EEBsYm5\PKcVbKSqerl" |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:01:37, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:04 |
| Remarks | No high level activity detected in monitored regions |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xcfc |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
D00
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000020000 | 0x00020000 | 0x0002ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00040fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| locale.nls | 0x00050000 | 0x000b6fff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x00000000000f0000 | 0x000f0000 | 0x000fffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000100000 | 0x00100000 | 0x001c7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x00000000001f0000 | 0x001f0000 | 0x0022ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000310000 | 0x00310000 | 0x0040ffff | Private Memory | Readable, Writable |
|
|
|
- |
| attrib.exe | 0x00a80000 | 0x00a86fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ulib.dll | 0x6ea40000 | 0x6ea5cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Process #18: javaw.exe
1481
8
| Information | Value |
|---|---|
| ID | #18 |
| File Name | c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe |
| Command Line | C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe -jar C:\Users\EEBsYm5\PKcVbKSqerl\ZpEbztPLUfw.BnNKgj |
| Initial Working Directory | C:\Users\EEBsYm5\AppData\Local\Temp\ |
| Monitor | Start Time: 00:01:37, Reason: Child Process |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:04 |
OS Process Information
| Information | Value |
|---|---|
| PID | 0xd04 |
| Parent PID | 0xa14 (c:\program files\java\jre7\bin\java.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
D08
0x
D40
0x
D44
0x
D48
0x
D4C
0x
D50
0x
D58
0x
D54
0x
D60
0x
D5C
0x
D68
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000020000 | 0x00020000 | 0x00020fff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00042fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000050000 | 0x00050000 | 0x00050fff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000060000 | 0x00060000 | 0x00060fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000070000 | 0x00070000 | 0x00071fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000080000 | 0x00080000 | 0x00086fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000090000 | 0x00090000 | 0x00091fff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000000a0000 | 0x000a0000 | 0x000a0fff | Private Memory | Readable |
|
|
|
- |
| private_0x00000000000b0000 | 0x000b0000 | 0x001affff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000001b0000 | 0x001b0000 | 0x001fffff | Private Memory | Readable, Writable |
|
|
|
- |
| locale.nls | 0x00200000 | 0x00266fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000270000 | 0x00270000 | 0x00337fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000340000 | 0x00340000 | 0x00340fff | Private Memory | Readable, Writable |
|
|
|
- |
| 3332 | 0x00350000 | 0x0035ffff | Memory Mapped File | Readable, Writable |
|
|
|
|
| private_0x0000000000360000 | 0x00360000 | 0x0036ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000370000 | 0x00370000 | 0x00470fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000480000 | 0x00480000 | 0x0058ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000480000 | 0x00480000 | 0x0057ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000580000 | 0x00580000 | 0x0058ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000590000 | 0x00590000 | 0x00982fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000990000 | 0x00990000 | 0x009effff | Private Memory | Readable, Writable |
|
|
|
- |
| javaw.exe | 0x009f0000 | 0x00a1efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x0000000000a20000 | 0x00a20000 | 0x0161ffff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000001620000 | 0x01620000 | 0x0178ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001620000 | 0x01620000 | 0x0175ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001620000 | 0x01620000 | 0x0171ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001720000 | 0x01720000 | 0x0175ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001760000 | 0x01760000 | 0x0176ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001770000 | 0x01770000 | 0x0177ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001780000 | 0x01780000 | 0x0178ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001790000 | 0x01790000 | 0x017bffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000017d0000 | 0x017d0000 | 0x0181ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000001820000 | 0x01820000 | 0x0381ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003820000 | 0x03820000 | 0x0389ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000038a0000 | 0x038a0000 | 0x0394ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003950000 | 0x03950000 | 0x0399ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000039d0000 | 0x039d0000 | 0x03a1ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003a50000 | 0x03a50000 | 0x03a9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| rsaenh.dll | 0x03aa0000 | 0x03adbfff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000003ae0000 | 0x03ae0000 | 0x03b2ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003b30000 | 0x03b30000 | 0x03b7ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003b90000 | 0x03b90000 | 0x03bdffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c00000 | 0x03c00000 | 0x03c4ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c50000 | 0x03c50000 | 0x03caffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003c50000 | 0x03c50000 | 0x03c9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003ca0000 | 0x03ca0000 | 0x03caffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003ce0000 | 0x03ce0000 | 0x03d2ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003d50000 | 0x03d50000 | 0x03d9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000003da0000 | 0x03da0000 | 0x03f9ffff | Private Memory | Readable, Writable |
|
|
|
- |
| sortdefault.nls | 0x03fa0000 | 0x0426efff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000004270000 | 0x04270000 | 0x0466ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004670000 | 0x04670000 | 0x0476ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004770000 | 0x04770000 | 0x0494ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004770000 | 0x04770000 | 0x048fffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004770000 | 0x04770000 | 0x0486ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x00000000048c0000 | 0x048c0000 | 0x048fffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000004910000 | 0x04910000 | 0x0494ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000023860000 | 0x23860000 | 0x28daffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000028db0000 | 0x28db0000 | 0x3385ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000033860000 | 0x33860000 | 0x3785ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x37860000 | 0x37c9ffff | Memory Mapped File | Readable |
|
|
|
- |
| private_0x0000000037ca0000 | 0x37ca0000 | 0x3825ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38260000 | 0x388affff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000388b0000 | 0x388b0000 | 0x38e5ffff | Private Memory | Readable, Writable |
|
|
|
- |
| classes.jsa | 0x38e60000 | 0x390cffff | Memory Mapped File | Readable, Writable |
|
|
|
- |
| private_0x00000000390d0000 | 0x390d0000 | 0x3925ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039260000 | 0x39260000 | 0x3926ffff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000039270000 | 0x39270000 | 0x3965ffff | Private Memory | Readable, Writable |
|
|
|
- |
| jvm.dll | 0x6c3e0000 | 0x6c75ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcr100.dll | 0x6d350000 | 0x6d40efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sunec.dll | 0x6d750000 | 0x6d76ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sunmscapi.dll | 0x6dad0000 | 0x6dad8fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| net.dll | 0x6dae0000 | 0x6daf3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| zip.dll | 0x6ea40000 | 0x6ea52fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winmm.dll | 0x6eae0000 | 0x6eb11fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rasadhlp.dll | 0x6eb20000 | 0x6eb25fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nio.dll | 0x6f3c0000 | 0x6f3cefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| java.dll | 0x6f4e0000 | 0x6f4fffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| verify.dll | 0x6f540000 | 0x6f54bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wsock32.dll | 0x71ce0000 | 0x71ce6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| fwpuclnt.dll | 0x73380000 | 0x733b7fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winnsi.dll | 0x734c0000 | 0x734c6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| iphlpapi.dll | 0x734d0000 | 0x734ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nlaapi.dll | 0x735e0000 | 0x735effff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| winrnr.dll | 0x73c20000 | 0x73c27fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pnrpnsp.dll | 0x73c30000 | 0x73c41fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| napinsp.dll | 0x73c60000 | 0x73c6ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x74250000 | 0x743edfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wshtcpip.dll | 0x74850000 | 0x74854fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| userenv.dll | 0x74920000 | 0x74936fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rsaenh.dll | 0x74ae0000 | 0x74b1afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| dnsapi.dll | 0x74bc0000 | 0x74c03fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| wship6.dll | 0x74cf0000 | 0x74cf5fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| mswsock.dll | 0x74d00000 | 0x74d3bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptsp.dll | 0x74d40000 | 0x74d55fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| cryptbase.dll | 0x751c0000 | 0x751cbfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| profapi.dll | 0x75270000 | 0x7527afff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msasn1.dll | 0x752e0000 | 0x752ebfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| crypt32.dll | 0x75320000 | 0x7543cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75490000 | 0x754d9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x761c0000 | 0x76260fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x76470000 | 0x76488fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ws2_32.dll | 0x76630000 | 0x76664fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x76920000 | 0x7693efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76970000 | 0x769bdfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x769c0000 | 0x76a88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x76a90000 | 0x76ae6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x76bd0000 | 0x76c6cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x76ed0000 | 0x76fa3fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x76fb0000 | 0x7704ffff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x77050000 | 0x7711bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x77120000 | 0x7725bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| psapi.dll | 0x77260000 | 0x77264fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| nsi.dll | 0x77270000 | 0x77275fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x77290000 | 0x77299fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x772a0000 | 0x7734bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77360000 | 0x77360fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffd4000 | 0x7ffd4000 | 0x7ffd4fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd5000 | 0x7ffd5000 | 0x7ffd5fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd6000 | 0x7ffd6000 | 0x7ffd6fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd7000 | 0x7ffd7000 | 0x7ffd7fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd8000 | 0x7ffd8000 | 0x7ffd8fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffd9000 | 0x7ffd9000 | 0x7ffd9fff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffda000 | 0x7ffda000 | 0x7ffdafff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdb000 | 0x7ffdb000 | 0x7ffdbfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdc000 | 0x7ffdc000 | 0x7ffdcfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdd000 | 0x7ffdd000 | 0x7ffddfff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
Threads
Thread 0xd08
41
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| System | Get Time | type = System Time, time = 2018-02-24 20:29:58 (UTC) |
|
1 | |
| System | Get Time | type = Ticks, time = 157826 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x76f2418d |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x76f21e16 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x76f276e6 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x76f21f61 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Get Info | filename = STD_ERROR_HANDLE, type = file_type |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Get Filename | process_name = c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe, size = 260 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Read | size = 22, size_out = 22 |
|
1 | |
| File | Read | size = 1024, size_out = 1024 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 173, size_out = 173 |
|
1 | |
| Module | Get Filename | process_name = c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe, size = 260 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Read | size = 4096, size_out = 686 |
|
1 | |
| File | Read | size = 4096, size_out = 0 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsAlloc, address_out = 0x76f2418d |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsGetValue, address_out = 0x76f21e16 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsSetValue, address_out = 0x76f276e6 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = FlsFree, address_out = 0x76f21f61 |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| File | Open | filename = STD_INPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_INPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_OUTPUT_HANDLE |
|
1 | |
| File | Get Info | filename = STD_OUTPUT_HANDLE, type = file_type |
|
1 | |
| File | Open | filename = STD_ERROR_HANDLE |
|
1 | |
| File | Get Info | filename = STD_ERROR_HANDLE, type = file_type |
|
1 | |
| Environment | Get Environment String | - |
|
1 | |
| Module | Load | module_name = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\client\jvm.dll, base_address = 0x6c3e0000 |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_CreateJavaVM, address_out = 0x6c4a8e70 |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\client\jvm.dll, function = JNI_GetDefaultJavaVMInitArgs, address_out = 0x6c49e340 |
|
1 |
Thread 0xd40
1426
8
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| Environment | Get Environment String | name = _ALT_JAVA_HOME_DIR |
|
1 | |
| Module | Get Filename | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\client\jvm.dll, process_name = c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\client\jvm.dll, size = 260 |
|
1 | |
| Module | Get Filename | process_name = c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe, file_name_orig = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe, size = 260 |
|
1 | |
| System | Get Info | type = Windows Directory, result_out = C:\Windows |
|
1 | |
| System | Get Info | type = System Directory, result_out = C:\Windows\system32 |
|
1 | |
| System | Get Info | type = Windows Directory, result_out = C:\Windows |
|
2 | |
| Module | Load | module_name = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\verify.dll, base_address = 0x6f540000 |
|
1 | |
| Module | Load | module_name = C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\java.dll, base_address = 0x6f4e0000 |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\java.dll, address_out = 0x6f4e6fcf |
|
1 | |
| Environment | Get Environment String | name = JAVA_TOOL_OPTIONS |
|
1 | |
| Environment | Get Environment String | name = _JAVA_OPTIONS |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\lib\endorsed, type = file_attributes |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5, type = file_attributes |
|
2 | |
| Process | Open | desired_access = PROCESS_QUERY_INFORMATION |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x76fd7a8b |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x76fd7a8b |
|
1 | |
| Module | Get Handle | module_name = c:\windows\system32\advapi32.dll, base_address = 0x76fb0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\advapi32.dll, function = SetSecurityDescriptorControl, address_out = 0x76fd7a8b |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5, type = file_attributes |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5\3332, desired_access = GENERIC_WRITE, GENERIC_READ, file_attributes = FILE_FLAG_DELETE_ON_CLOSE, share_mode = FILE_SHARE_READ, FILE_SHARE_DELETE |
|
1 | |
| Module | Create Mapping | module_name = C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5\3332, filename = C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5\3332, protection = PAGE_READWRITE, maximum_size = 65536 |
|
1 | |
| Module | Map | C:\Users\EEBsYm5\AppData\Local\Temp\\hsperfdata_EEBsYm5\3332, process_name = c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe, desired_access = FILE_MAP_ALL_ACCESS |
|
1 | |
| File | Get Info | type = file_type |
|
2 | |
| File | Read | size = 2416, size_out = 2416 |
|
1 | |
| System | Get Info | type = Hardware Information |
|
1 | |
| Registry | Open Key | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
|
1 | |
| Registry | Read Value | reg_name = HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, value_name = Desktop, data = C:\Users\EEBsYm5\Desktop, type = REG_SZ |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 7, size_out = 7 |
|
1 | |
| File | Read | size = 1781193, size_out = 1781193 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 709, size_out = 709 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 277, size_out = 277 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2305, size_out = 2305 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1022, size_out = 1022 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2882, size_out = 2882 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 104, size_out = 104 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 728, size_out = 728 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 345, size_out = 345 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 815, size_out = 815 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1105, size_out = 1105 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1761, size_out = 1761 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 514, size_out = 514 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 970, size_out = 970 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2589, size_out = 2589 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1008, size_out = 1008 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2004, size_out = 2004 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 669, size_out = 669 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Get Info | type = size, size_out = 829 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 962, size_out = 962 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 934, size_out = 934 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1720, size_out = 1720 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1012, size_out = 1012 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3028, size_out = 3028 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1111, size_out = 1111 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2976, size_out = 2976 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 672, size_out = 672 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1189, size_out = 1189 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2646, size_out = 2646 |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\lib\ext, type = file_attributes |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 966, size_out = 966 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 800, size_out = 800 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
8 | |
| File | Get Info | filename = C:\Windows\Sun\Java\lib\ext, type = file_attributes |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1280, size_out = 1280 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 609, size_out = 609 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 628, size_out = 628 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 328, size_out = 328 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 327, size_out = 327 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 12212, size_out = 12212 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 748, size_out = 748 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6630, size_out = 6630 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3392, size_out = 3392 |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 13079, size_out = 13079 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2563, size_out = 2563 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 476, size_out = 476 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2703, size_out = 2703 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 753, size_out = 753 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3690, size_out = 3690 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3361, size_out = 3361 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3599, size_out = 3599 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 260, size_out = 260 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1899, size_out = 1899 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 678, size_out = 678 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 173, size_out = 173 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1909, size_out = 1909 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 670, size_out = 670 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 762, size_out = 762 |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 13079, size_out = 13079 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 173, size_out = 173 |
|
2 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 173, size_out = 173 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 269, size_out = 269 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 480, size_out = 480 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 645, size_out = 645 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 573, size_out = 573 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 535, size_out = 535 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 546, size_out = 546 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5358, size_out = 5358 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2540, size_out = 2540 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 486, size_out = 486 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 703, size_out = 703 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 740, size_out = 740 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 802, size_out = 802 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1127, size_out = 1127 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| File | Get Info | type = size, size_out = 2190 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
8 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 33985, size_out = 33985 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 92, size_out = 92 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1663, size_out = 1663 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1453, size_out = 1453 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3061, size_out = 3061 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 716, size_out = 716 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 214, size_out = 214 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 545, size_out = 545 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 718, size_out = 718 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 10050, size_out = 10050 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 647, size_out = 647 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 270, size_out = 270 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2524, size_out = 2524 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1399, size_out = 1399 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2750, size_out = 2750 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6082, size_out = 6082 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 34919, size_out = 34919 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 959, size_out = 959 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 737, size_out = 737 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 62696, size_out = 62696 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4963, size_out = 4963 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 585, size_out = 585 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1385, size_out = 1385 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 294, size_out = 294 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 33801, size_out = 33801 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 154, size_out = 154 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 348, size_out = 348 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1695, size_out = 1695 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1902, size_out = 1902 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 302, size_out = 302 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 45824, size_out = 45824 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1188, size_out = 1188 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3195, size_out = 3195 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3099, size_out = 3099 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 851, size_out = 851 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2563, size_out = 2563 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1462, size_out = 1462 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3589, size_out = 3589 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 402, size_out = 402 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1366, size_out = 1366 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 151, size_out = 151 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2327, size_out = 2327 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2682, size_out = 2682 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3211, size_out = 3211 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6372, size_out = 6372 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 8606, size_out = 8606 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 360, size_out = 360 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4102, size_out = 4102 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2132, size_out = 2132 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 12227, size_out = 12227 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1230, size_out = 1230 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4933, size_out = 4933 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4365, size_out = 4365 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 890, size_out = 890 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 12321, size_out = 12321 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5865, size_out = 5865 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 11499, size_out = 11499 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 330, size_out = 330 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 27736, size_out = 27736 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 12797, size_out = 12797 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2945, size_out = 2945 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4616, size_out = 4616 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 21515, size_out = 21515 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1396, size_out = 1396 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 582, size_out = 582 |
|
1 | |
| Registry | Open Key | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = DisableAutoDaylightTimeSet, data = 100, type = REG_NONE |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = DynamicDaylightTimeDisabled, data = 0, type = REG_DWORD_LITTLE_ENDIAN |
|
1 | |
| Registry | Read Value | reg_name = HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation, value_name = TimeZoneKeyName, data = Greenland Standard Time, type = REG_SZ |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\lib\tzmappings, desired_access = GENERIC_READ, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Get Info | filename = C:\Users\EEBsYm5\AppData\Roaming\Oracle\lib\tzmappings, type = file_type |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2709, size_out = 2709 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2124, size_out = 2124 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 718, size_out = 718 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 284, size_out = 284 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 14716, size_out = 14716 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2111, size_out = 2111 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 8292, size_out = 8292 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6007, size_out = 6007 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1012, size_out = 1012 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2905, size_out = 2905 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 937, size_out = 937 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 585, size_out = 585 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1544, size_out = 1544 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 12572, size_out = 12572 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1904, size_out = 1904 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2008, size_out = 2008 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 783, size_out = 783 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 832, size_out = 832 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 76, size_out = 76 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 76, size_out = 76 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6363, size_out = 6363 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 9943, size_out = 9943 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 596, size_out = 596 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\net.dll, function = _JNI_OnLoad@8, address_out = 0x6dae3379 |
|
1 | |
| Socket | Create | protocol = IPPROTO_IP, address_family = AF_INET6, type = SOCK_STREAM |
|
1 | |
| Socket | Close | type = SOCK_STREAM |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:29:59 (UTC) |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 612, size_out = 612 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 544, size_out = 544 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 697, size_out = 697 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 604, size_out = 604 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 591, size_out = 591 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 452, size_out = 452 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 586, size_out = 586 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 525, size_out = 525 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1974, size_out = 1974 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1159, size_out = 1159 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 426, size_out = 426 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 7100, size_out = 7100 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 229, size_out = 229 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 366, size_out = 366 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1120, size_out = 1120 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3241, size_out = 3241 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 784, size_out = 784 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1886, size_out = 1886 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2962, size_out = 2962 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 632, size_out = 632 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5472, size_out = 5472 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 10775, size_out = 10775 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6736, size_out = 6736 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 11754, size_out = 11754 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4772, size_out = 4772 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3581, size_out = 3581 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5154, size_out = 5154 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6596, size_out = 6596 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6452, size_out = 6452 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 483, size_out = 483 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 375, size_out = 375 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 549, size_out = 549 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 598, size_out = 598 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3389, size_out = 3389 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2486, size_out = 2486 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 8998, size_out = 8998 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4936, size_out = 4936 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2439, size_out = 2439 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2652, size_out = 2652 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 213, size_out = 213 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 550, size_out = 550 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 164, size_out = 164 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 186, size_out = 186 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 551, size_out = 551 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 613, size_out = 613 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 7508, size_out = 7508 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 135, size_out = 135 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4419, size_out = 4419 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1640, size_out = 1640 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 337, size_out = 337 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 54044, size_out = 54044 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 243, size_out = 243 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 15023, size_out = 15023 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3685, size_out = 3685 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2898, size_out = 2898 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6136, size_out = 6136 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5326, size_out = 5326 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2173, size_out = 2173 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6819, size_out = 6819 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 11034, size_out = 11034 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2040, size_out = 2040 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1920, size_out = 1920 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6611, size_out = 6611 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1102, size_out = 1102 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2218, size_out = 2218 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1308, size_out = 1308 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 544, size_out = 544 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2347, size_out = 2347 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1558, size_out = 1558 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 7623, size_out = 7623 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2853, size_out = 2853 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1485, size_out = 1485 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 755, size_out = 755 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 177, size_out = 177 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1737, size_out = 1737 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1663, size_out = 1663 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2251, size_out = 2251 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2801, size_out = 2801 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1075, size_out = 1075 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2301, size_out = 2301 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2770, size_out = 2770 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1827, size_out = 1827 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1966, size_out = 1966 |
|
1 | |
| File | Get Info | type = file_type |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:30:00 (UTC) |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\sunec.dll, function = _JNI_OnLoad@8, address_out = 0x0 |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\sunec.dll, function = JNI_OnLoad, address_out = 0x0 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1434, size_out = 1434 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 454, size_out = 454 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 5439, size_out = 5439 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 619, size_out = 619 |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 10470, size_out = 10470 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3596, size_out = 3596 |
|
2 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3529, size_out = 3529 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1320, size_out = 1320 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 735, size_out = 735 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 817, size_out = 817 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 331, size_out = 331 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2357, size_out = 2357 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 187, size_out = 187 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3665, size_out = 3665 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3856, size_out = 3856 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 333, size_out = 333 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2915, size_out = 2915 |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 328, size_out = 328 |
|
1 | |
| File | Read | size = 350, size_out = 350 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
3 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 213, size_out = 213 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1319, size_out = 1319 |
|
1 | |
| File | Read | size = 151, size_out = 151 |
|
1 | |
| File | Read | size = 92, size_out = 92 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4096, size_out = 4096 |
|
1 | |
| File | Read | size = 47, size_out = 47 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 115, size_out = 115 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 502, size_out = 502 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 807, size_out = 807 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 530, size_out = 530 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1987, size_out = 1987 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 706, size_out = 706 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4096, size_out = 4096 |
|
1 | |
| File | Read | size = 3777, size_out = 3777 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3082, size_out = 3082 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 4270, size_out = 4270 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 8559, size_out = 8559 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 6031, size_out = 6031 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 671, size_out = 671 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1961, size_out = 1961 |
|
1 | |
| DNS | Get Hostname | name_out = cRh2YWu7 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3287, size_out = 3287 |
|
1 | |
| DNS | Resolve Name | host = cRh2YWu7, address_out = fe80:0000:0000:0000:48d9:542c:fc57:360f, 192.168.0.222 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 383, size_out = 383 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3661, size_out = 3661 |
|
1 | |
| File | Read | size = 128, size_out = 128 |
|
1 | |
| File | Read | size = 389, size_out = 389 |
|
1 | |
| File | Read | size = 411, size_out = 411 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 194, size_out = 194 |
|
2 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 242, size_out = 242 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1318, size_out = 1318 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 153, size_out = 153 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 209, size_out = 209 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 883, size_out = 883 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 994, size_out = 994 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 780, size_out = 780 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 206, size_out = 206 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 533, size_out = 533 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 775, size_out = 775 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 301, size_out = 301 |
|
1 | |
| File | Read | size = 8192, size_out = 8192 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3596, size_out = 3596 |
|
2 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3529, size_out = 3529 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1320, size_out = 1320 |
|
1 | |
| File | Read | size = 160, size_out = 160 |
|
2 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3596, size_out = 3596 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 3529, size_out = 3529 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1320, size_out = 1320 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1137, size_out = 1137 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1486, size_out = 1486 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1009, size_out = 1009 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1052, size_out = 1052 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 269, size_out = 269 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1438, size_out = 1438 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2684, size_out = 2684 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 157, size_out = 157 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 902, size_out = 902 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1516, size_out = 1516 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 925, size_out = 925 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1403, size_out = 1403 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 684, size_out = 684 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2171, size_out = 2171 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1421, size_out = 1421 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 694, size_out = 694 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 171, size_out = 171 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1111, size_out = 1111 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 814, size_out = 814 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 608, size_out = 608 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 677, size_out = 677 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 274, size_out = 274 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 1343, size_out = 1343 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 541, size_out = 541 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
| File | Read | size = 2912, size_out = 2912 |
|
1 | |
| File | Read | size = 30, size_out = 30 |
|
1 | |
|
For performance reasons, the remaining 400 entries are omitted.
The remaining entries can be found in glog.xml. |
|||||
Thread 0xd44
5
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| System | Get Time | type = System Time, time = 2018-02-24 20:30:00 (UTC) |
|
4 |
Thread 0xd48
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 |
Thread 0xd4c
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Module | Get Address | module_name = c:\users\eebsym5\appdata\roaming\oracle\bin\java.dll, function = _Java_java_lang_ref_Finalizer_invokeFinalizeMethod@12, address_out = 0x6f4e207c |
|
1 |
Thread 0xd50
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 |
Thread 0xd58
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 |
Thread 0xd54
2
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 | |
| Mutex | Create | - |
|
1 |
Thread 0xd60
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 |
Thread 0xd5c
1
0
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x76ed0000 |
|
1 |
Process #21: javaw.exe
0
0
| Information | Value |
|---|---|
| ID | #21 |
| File Name | c:\users\eebsym5\appdata\roaming\oracle\bin\javaw.exe |
| Command Line | "C:\Users\EEBsYm5\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\EEBsYm5\PKcVbKSqerl\ZpEbztPLUfw.BnNKgj" |
| Initial Working Directory | C:\Windows\system32\ |
| Monitor | Start Time: 00:02:39, Reason: Autostart |
| Unmonitor | End Time: 00:02:41, Reason: Terminated by Timeout |
| Monitor Duration | 00:00:02 |
| Remarks | No high level activity detected in monitored regions |
OS Process Information
| Information | Value |
|---|---|
| PID | 0x6b4 |
| Parent PID | 0x548 (c:\windows\explorer.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | Medium |
| Username | CRH2YWU7\EEBsYm5 |
| Enabled Privileges | SeChangeNotifyPrivilege |
| Thread IDs |
0x
6B8
|
Region
| Name | Start VA | End VA | Type | Permissions | Monitored | Dumped | YARA | Actions |
|---|---|---|---|---|---|---|---|---|
| private_0x0000000000010000 | 0x00010000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000010000 | 0x00010000 | 0x0001ffff | Pagefile Backed Memory | Readable, Writable |
|
|
|
- |
| private_0x0000000000020000 | 0x00020000 | 0x0002ffff | Private Memory | Readable, Writable |
|
|
|
- |
| pagefile_0x0000000000030000 | 0x00030000 | 0x00033fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x0000000000040000 | 0x00040000 | 0x00042fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000050000 | 0x00050000 | 0x0009ffff | Private Memory | Readable, Writable |
|
|
|
- |
| locale.nls | 0x000a0000 | 0x00106fff | Memory Mapped File | Readable |
|
|
|
- |
| pagefile_0x0000000000110000 | 0x00110000 | 0x001d7fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x0000000000280000 | 0x00280000 | 0x0037ffff | Private Memory | Readable, Writable |
|
|
|
- |
| javaw.exe | 0x010f0000 | 0x0111efff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| comctl32.dll | 0x74080000 | 0x7421dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernelbase.dll | 0x75260000 | 0x752a9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| lpk.dll | 0x753a0000 | 0x753a9fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| advapi32.dll | 0x75550000 | 0x755effff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msvcrt.dll | 0x755f0000 | 0x7569bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| user32.dll | 0x756a0000 | 0x75768fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| kernel32.dll | 0x75770000 | 0x75843fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| shlwapi.dll | 0x75850000 | 0x758a6fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| sechost.dll | 0x75b70000 | 0x75b88fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| rpcrt4.dll | 0x75e30000 | 0x75ed0fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| gdi32.dll | 0x76b30000 | 0x76b7dfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| msctf.dll | 0x76d40000 | 0x76e0bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| ntdll.dll | 0x76f50000 | 0x7708bfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| imm32.dll | 0x77090000 | 0x770aefff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| usp10.dll | 0x770e0000 | 0x7717cfff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| apisetschema.dll | 0x77190000 | 0x77190fff | Memory Mapped File | Readable, Writable, Executable |
|
|
|
- |
| pagefile_0x000000007f6f0000 | 0x7f6f0000 | 0x7f7effff | Pagefile Backed Memory | Readable |
|
|
|
- |
| pagefile_0x000000007ffb0000 | 0x7ffb0000 | 0x7ffd2fff | Pagefile Backed Memory | Readable |
|
|
|
- |
| private_0x000000007ffde000 | 0x7ffde000 | 0x7ffdefff | Private Memory | Readable, Writable |
|
|
|
- |
| private_0x000000007ffdf000 | 0x7ffdf000 | 0x7ffdffff | Private Memory | Readable, Writable |
|
|
|
- |
