Obfuscated AutoIt Malware Injects Executables to Steal Passwords and Browser Data | Sequential Behavior
Try VMRay Analyzer
| Hostname | IP Addresses | Country | City | Protocols | Has Blacklisted URL |
|---|---|---|---|---|---|
| jluxi.dynu.com | 185.62.188.68 | NL | DNS, TCP |
|
| Information | Value |
|---|---|
| ID | #1 |
| File Name | c:\users\eebsym5\desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe |
| Command Line | "C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe" |
| Initial Working Directory | C:\Users\EEBsYm5\Desktop\ |
| Monitor | Start Time: 00:00:10, Reason: Analysis Target |
| Unmonitor | End Time: 00:02:11, Reason: Terminated by Timeout |
| Monitor Duration | 00:02:01 |
| Information | Value |
|---|---|
| PID | 0xa00 |
| Parent PID | 0x658 (c:\windows\explorer.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Groups |
|
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
A04
0x
A0C
0x
A14
0x
A18
|
| Filename | File Size | Hash Values | YARA Match | Actions |
|---|---|---|---|---|
| c:\users\eebsym5\appdata\local\temp\60484525\__tmp_rar_sfx_access_check_18052931 | 0.00 KB (0 bytes) |
MD5:
d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\hin.ppt | 753.11 KB (771181 bytes) |
MD5:
b4069d0c0e00f8266018f1263d28314a
SHA1: da9e1711e225aa694f28ac81677f0a8840acbd56 SHA256: 017a11f2c47b3329116d74da098437fef15a0283fd7df5b5cf16e167a74bf4bf |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\cvn-nhc | 2.88 MB (3022508 bytes) |
MD5:
de1a6fbf02c16cacd54d414ed4e6f73e
SHA1: 645a49fb10d04c18348e6614c3640cb2d732d7e2 SHA256: f0b7de110217d22b745eb45ad6c808974c667bb77dabdf824c7a439bb254d49d |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\cih.exe | 732.73 KB (750320 bytes) |
MD5:
71d8f6d5dc35517275bc38ebcc815f9f
SHA1: cae4e8c730de5a01d30aabeb3e5cb2136090ed8d SHA256: fb73a819b37523126c7708a1d06f3b8825fa60c926154ab2d511ba668f49dc4b |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\jdl.jpg | 0.58 KB (593 bytes) |
MD5:
4cf50661adbe97e9144a1ae14e0cc2d4
SHA1: 6cfecd4625e5cac62f73cd766c0695545615a80e SHA256: 01da59d2d9a62cc31d8a28f02e58762f775783d072dc92cd4882472991c6c489 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\vqm.xl | 0.51 KB (525 bytes) |
MD5:
39f5c28a7805e6993c878e2445b6de4f
SHA1: b1a4702db810d76ca9dab4a40b464161447a8485 SHA256: 2fb689a6de68f133a7baab6c6f6458fae38c6dae4d90f62da2b90641a048fc2a |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\bcu.mp4 | 0.51 KB (521 bytes) |
MD5:
e800b240b278b15f7e04a9aa5aad5a94
SHA1: 5c57cfd08c138ecb8aaf08638ff708ed0fc11e9c SHA256: d4c33eed67247dbddc3dcd7400bd24fd7209a597f468978f014568c2ee0a7fd1 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\rnr.mp3 | 0.54 KB (556 bytes) |
MD5:
a1c50816b65f30e2260479114d0bcab6
SHA1: 74c73a920cbd9ef1057d4d8d7589363d14e4a55b SHA256: c18f5a54575e9b56f95bbeb353318cba41fefbadc7f101589d5fc0df3fd56141 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\cvg.mp4 | 0.49 KB (505 bytes) |
MD5:
da230cfbc8a80e350c87d894eebb76b9
SHA1: ea6d7ae1dc826a9344c00a01d47e92ee60bd6d61 SHA256: bdfc89fb5460d262442882b76f31f9853370abd79e86be034afb53e2be694118 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\chm.docx | 0.60 KB (614 bytes) |
MD5:
84d55a12fc2416df5c1553ee17ad0992
SHA1: b402fc11ff5ef3552be26235e9fd016c7fe912b2 SHA256: 918778adbeba224f4b9dd8910b717cf706563c35e06fbe0d04dfb00ced8678ee |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\vua.jpg | 0.50 KB (509 bytes) |
MD5:
6dd73a9654139bb6529a72207ddfde0f
SHA1: bd67f636d12ed1c4cff28f6a9a84e28b97d7f1a5 SHA256: 42220eec08a393cd359ec79cb610d2a845926b8d8119eb505276564aa25698c9 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\oxl.ico | 0.51 KB (520 bytes) |
MD5:
22c528e901375639d3a014f6fe12ed43
SHA1: 74f6a3c188759980c3e7dc9de94642f86a18fb59 SHA256: 1af85ae13aa9aa6114ec4c03cfd840fb8222eeceb611aac530411979bd9bede9 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\fun.mp4 | 0.62 KB (633 bytes) |
MD5:
41db425bddeb6edff3829ede53e4b059
SHA1: 8355713e8ff5b27cc72f2a784d597be7d02e3c26 SHA256: 668dff85c71ac5142e3105426be365b7834e1dd8e3e0043674a272af26138f35 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\fqv.xl | 0.55 KB (567 bytes) |
MD5:
2a8d81d0726edc11e6e4f75207fee58c
SHA1: 041b9554b7a23b86240e82c0c18e0c34cfdd4ae1 SHA256: bc2d0c9ff398b2883465e9c5963d0a8933b034ae43f6002481f674b5ade6c839 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\hgu.ico | 0.56 KB (569 bytes) |
MD5:
e9a2566e0a5296cf122c7089e0558baf
SHA1: e7d3001b6b6ebf6928e942f4c8343f4f551e0284 SHA256: 418946d3f5ab5a04d537045108c4e8db6dcb48bb465e2d0a01f91723b7948e49 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\brh.ppt | 0.58 KB (597 bytes) |
MD5:
fda5e079dbe06cc05c59ba4e27fa48c2
SHA1: 88181205ec8323e457d5bcd4e7a03cea28ad47c7 SHA256: 75cfe292e1d9d6bd3bdadfe1ce6bef7a57bfc2a6bb7ce6fecd497bf4ec583c37 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\xqa.mp4 | 0.54 KB (551 bytes) |
MD5:
d46dd879f8205faa467df9c9a0019a9d
SHA1: 25631b0a07e69d1dc8e93e5e51946a27f98d2b17 SHA256: aa93b72e74034ed72878672e776fbe7fa55e93f78e485a337cbeae4bd18f4917 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\jub.bmp | 0.56 KB (574 bytes) |
MD5:
81932b74d719d9feaee98fd12634ac5b
SHA1: a7283637bc88dacb689b39cebfc28a91e32f1e03 SHA256: 1c9ccc3a409e293eadbb70410de3c3405da55ceb47d36a639054b6f5c10a3c91 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\jgu.bmp | 0.52 KB (532 bytes) |
MD5:
2a84b8aefabec88301c0f50f7cfb46f6
SHA1: e4b2c15448b6dace8cfa8227784b3f9396a2f498 SHA256: ef754e4a3efc638823684023ef2ddbbcdaf1354c290e4c33ef394df4c2a8d2ca |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\tik.icm | 0.54 KB (550 bytes) |
MD5:
74efb6a98e74a829daafef9945004dca
SHA1: c5102cd3b0d7602f51099a27657b37a3bf787561 SHA256: bf1ab35f7bd5d5fc365d2c176bb5c5374e578b8424ed0fde82f55d1eae1d350d |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\wjv.pdf | 0.53 KB (539 bytes) |
MD5:
1474405a725bc37f9fea9479c11a78bf
SHA1: b57f9f373b5323f3b701bf350fd98cf8a827b3ff SHA256: d83ec42f0ff63cf14851f789e85f2dc33d76cb4c2409e1488f7474df2086033f |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\nvl.xl | 0.51 KB (526 bytes) |
MD5:
90ca387ad342c41ae796173d560ccf84
SHA1: eb03b500bbf683a889c4758d228b55cedddd4c30 SHA256: 0ecf3eb5d0f794e7e32a941580da8641bff3bf248a68df43a35ae16d77eda192 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\xfg.dat | 0.51 KB (520 bytes) |
MD5:
c82da2a4e862c90a2d961098b1d64956
SHA1: 7edf516e6c807d8fa5aa912e23d9460721769207 SHA256: db7f2a223fef17affd13a518ac21c7675942bd475bc416dd78c7c6c186548b64 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\aqa.bmp | 0.54 KB (557 bytes) |
MD5:
f8b9deca33aba33d64623f47e7c88855
SHA1: a70b7a6327133486d04d4d3c57bd8930a3e3a698 SHA256: 449952af1c2bd2a2e1878b3a81044793305185a7d27f0066521645906a5040c7 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\rnj.mp3 | 0.53 KB (547 bytes) |
MD5:
6effc77853a885dd155870e04545880b
SHA1: 98ebfdb5b3ef2c2db538a290a0a26bc6cf885916 SHA256: 89b82044c02980606c7d6b39aa2cf08b66ca0db7e1b5ad23a7c0d64e056340d2 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\eff.icm | 0.51 KB (522 bytes) |
MD5:
c2f588f89c85d3c2c97e128f27234f2c
SHA1: b2b64e8b77e831f3a16fdd1da61f8f64f514b19e SHA256: 1e8e0cc104f8c880f3a6d312f6bdc99c5f3f4fd3ee081eee7e2534ed511209fd |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\isi.xl | 0.50 KB (507 bytes) |
MD5:
469067bf5a94e9002cf154a81f397c6a
SHA1: 737b86b50e3998052920f02bde3ad487743f1a6a SHA256: 6b418ce9673895fb76b32b67faf05073e577444d82bf42ff21733e1f057c3d60 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\upe.mp3 | 0.56 KB (578 bytes) |
MD5:
62bd082578b0e38bc2b6b731b4a5ec49
SHA1: 3f6c8024888bf3caa19e6ad7db4a8f29859bdaa9 SHA256: 00a79f22f8ed82f6ea362254d04578bfa498dfed0d2ab8f733e6fbace1c2c078 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\fpo.xl | 0.57 KB (581 bytes) |
MD5:
ff594e995d9f6268a047cc2e269eb2b9
SHA1: a0a8692e4560d122d0dd359157544b32fdc57cd0 SHA256: 6cc6a2d2a8196b938e5e332df30d025374d6c98a18c5e707021141966203d7e1 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\wlk.pdf | 0.52 KB (536 bytes) |
MD5:
747d40f9300dbb3ba36d7310b5ee40da
SHA1: 90d715455eb32004107a92bf810df71371ed4047 SHA256: cef051d14bcbc14e12f9d130f71e8b285b37117cd20c23678419b9ab8659300d |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\nlb.pdf | 0.53 KB (541 bytes) |
MD5:
a49efa6c9f872faad2232a4b6a2394a7
SHA1: c8dff7972de40ab025314a8c74b5bb8e1552170e SHA256: 97b1b6f6884f0f92342576a9667c5cb3c1b61fabc8a0b1b23d1f57582b0624d3 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\emv.bmp | 0.50 KB (511 bytes) |
MD5:
04f1e686525064abfdb4bfd7ff29a0b5
SHA1: 47748ea5978245b49c8136d9e147059afeb06ffe SHA256: 8e3de8ce80c00091cb1aaa93f590226c7ac53a509926cdd815301237dd8e9e1b |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\raq.jpg | 0.50 KB (514 bytes) |
MD5:
e5d188010c3203e2d37d4225d6cae53b
SHA1: 430d4c308efdb225a74e10d3facefa8e44252be1 SHA256: 93846c06cef1c5515a1f78e95c040be5c75d3b6c78bf6438cf12fd7345d3c1c8 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\nep.mp4 | 0.58 KB (589 bytes) |
MD5:
498138dfbfbe52214e73e9c1141aa981
SHA1: bc7166b6abe72bb216d77d48185330668186bb88 SHA256: b1b69fb21d93d6bae3fbcf8338aa66ee2791362ec5f918bd9dc45c1c14d4749c |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\neo.ico | 0.54 KB (551 bytes) |
MD5:
a128399da3f11bda3f2164a97cb2b531
SHA1: 0d00f9e17e6445805ef34c8fdb68fe8e38ab4868 SHA256: dcf09d4181263a2a3b0787085f7b8dc8913245c0d6ac535e16f8a77ba17ecc91 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\wxv.mp4 | 0.51 KB (526 bytes) |
MD5:
924bdfca849290fd510d72a39da75d43
SHA1: b5c18c00e3596b8a87d068f67e59f46aba6509da SHA256: b32f0a65698effe8c62e482bf9b6aec6f5fd496d52da525dca2078988956d3d9 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\beb.ppt | 0.52 KB (530 bytes) |
MD5:
afcc6587b4839826588ae54512851ef8
SHA1: e55525356075eba71766e12d7db9d67ef4cdd8cc SHA256: 5fdfa5c8afbda02553bbf95969ca4434c57456b4e51a56330fddd770d9f84277 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\als.txt | 0.50 KB (512 bytes) |
MD5:
a81eeaae706a9e8ab123d3ed140d837e
SHA1: 3f0feac929dd6f1f5776298da84a14298f12cb10 SHA256: 169b9a0889e98c8e239c472e3041fccb2433c668f269782b28c74648c5135ba7 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\jkg.txt | 0.57 KB (588 bytes) |
MD5:
0f7278aeb0c194405013a9963334e38c
SHA1: 2b7dab89793af056f56e84b9a1040c2c3e01f5a9 SHA256: 0c9293277fd0325971a2cf297d88460ad8df83d40f09f947fb36a50c59ad9c31 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\idv.xl | 0.54 KB (550 bytes) |
MD5:
307fe5bd3f52c0aefb503401e2b08505
SHA1: 67ef51104877c6e6ca67e868b2a5d589e415a255 SHA256: 79bb5d0d7e6e403335b863935f832da481a550f7174e77f56a112d5a1f7bff8f |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\erk.ico | 0.56 KB (576 bytes) |
MD5:
0a5b38cbc77ff6bfd9ca434eb372e88e
SHA1: a093894e555294518d98937f61e1eac26298539b SHA256: a3cc42516891627a6ff9dcc5dcca3a4deaefbbf2f9a5411a644a34242b57f6f7 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\jfo.dat | 0.54 KB (556 bytes) |
MD5:
faf4d8efca05d9b305d0970a8417274c
SHA1: 847aff73ea3889518231b2a8e5aa2befd843f48b SHA256: 4f081e6dfab65d9c1910303f41fafac0e3652e2af3713140d8cc30d79aed912e |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\pac.ppt | 0.55 KB (564 bytes) |
MD5:
bc062df0b1cf65138efbd74028d417ee
SHA1: 4e3254580fc0eea7fcd2daa270b5e94e7fca7560 SHA256: b007b3703bec0526df06de06a88e97f706f09554ac2eb930cad38a80a3c663f7 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\okk.pdf | 0.53 KB (538 bytes) |
MD5:
7c65637227835e997638cdbbdda237db
SHA1: ddd80c708a202210df0c6bab2d53fad31510c77a SHA256: 26f1259b8d53d6b4a43da7ebf431f4aff6617bbad13a188e9b4f534e21fd94b5 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\dxj.docx | 0.64 KB (651 bytes) |
MD5:
1690024ca4904bc8664deb3b5c046a09
SHA1: d78d488168c4a91dfb4883107bb0b344e47f6103 SHA256: dc2a1291b72a6b56d6acf1a4d52278ff82a9ac18d20f650d7bf1c1527a0675d1 |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\tob.ico | 0.56 KB (575 bytes) |
MD5:
5d4a58ea600887506e113f87226108a7
SHA1: 6fd6c6d7b08df98858f8cd8bab2a8ddbaef39b78 SHA256: f6b0188a75c7fa2bcc06eb7d5de15a84facab9b2e2cc8d54aa7708833888d49b |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\guv.xl | 0.54 KB (550 bytes) |
MD5:
df21088736f29414e1aeacbea6dd4adb
SHA1: 2444bd270127ae12148eaf048fe82021f5580952 SHA256: 0bb6caa082e474fd47bdb620aa88536820e95f84cef92dcbda4fb686f29b3c3a |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\hjd.mp4 | 0.53 KB (543 bytes) |
MD5:
ce4596068d05d9436fa2512cfe90a81a
SHA1: 4e209aede4adcee82bb4a8008291069a3a558f5c SHA256: 54f750492edac60c64348bf5131e7ec5c2e60aa796d80194b673b9e632c9c9cd |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\ain.icm | 0.52 KB (532 bytes) |
MD5:
d997ac87e2adca0fe86fb0ba4a628299
SHA1: 14cae556c130ac9c5fa65168e9680893a4c73899 SHA256: c4a221aabd4c8dbc1ba62bd28e79af98b2e7a2c5d624c5f5c889352499bb47af |
|
|
| c:\users\eebsym5\appdata\local\temp\60484525\ugv.icm | 0.54 KB (549 bytes) |
MD5:
a8ca3dd1e20cbeba4c51df819b7bb68e
SHA1: 36d2b3b494d42d9958553cad17fa04819dfa2883 SHA256: d7820ee70bff4ff3f6922ab56d97c88aa79eb8591311d3a6c58b33c1c289d14a |
|
|
| Category | Operation | Information | Success | Count | Logfile |
|---|---|---|---|---|---|
| Module | Get Handle | module_name = c:\windows\system32\kernel32.dll, base_address = 0x769e0000 |
|
1 | |
| Module | Get Address | module_name = c:\windows\system32\kernel32.dll, function = SetDllDirectoryW, address_out = 0x76a6c7cf |
|
1 | |
| File | Add Search Path |
|
1 | ||
| Environment | Set Environment String | name = sfxcmd, value = "C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe" |
|
1 | |
| Module | Get Filename | process_name = c:\users\eebsym5\desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, file_name_orig = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 1024 |
|
1 | |
| Environment | Set Environment String | name = sfxname, value = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe |
|
1 | |
| Module | Get Handle | module_name = c:\users\eebsym5\desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, base_address = 0x400000 |
|
1 | |
| Module | Load | module_name = riched32.dll, base_address = 0x72980000 |
|
1 | |
| Module | Load | module_name = riched20.dll, base_address = 0x6d740000 |
|
1 | |
| System | Get Info | type = Operating System |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 8192, size_out = 8192 |
|
12 | |
| Module | Get Handle | module_name = c:\users\eebsym5\desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, base_address = 0x400000 |
|
1 | |
| Window | Find | window_name = 0, class_name = EDIT |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 1048560, size_out = 934137 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 6, size_out = 6 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 28, size_out = 28 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 28, size_out = 28 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 2708, size_out = 2708 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 52868 |
|
2 | |
| File | Create Directory | C: |
|
1 | |
| File | Create Directory | C:\Users |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5 |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\AppData |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\AppData\Local |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\AppData\Local\Temp |
|
1 | |
| File | Create Directory | C:\Users\EEBsYm5\AppData\Local\Temp\60484525 |
|
1 | |
| System | Get Time | type = Ticks, time = 52931 |
|
1 | |
| File | Create | filename = __tmp_rar_sfx_access_check_18052931, desired_access = GENERIC_WRITE, GENERIC_READ, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Delete | filename = __tmp_rar_sfx_access_check_18052931 |
|
1 | |
| Window | Set Attribute | index = 18446744073709551600, new_long = 1342341248 |
|
1 | |
| File | Create | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 1048560, size_out = 934137 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
2 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 6, size_out = 6 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 28, size_out = 28 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| System | Get Time | type = System Time, time = 2017-10-04 02:23:35 (UTC) |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 28, size_out = 28 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = hin.ppt, type = file_attributes |
|
1 | |
| File | Create | filename = hin.ppt, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = hin.ppt, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32768, size_out = 32768 |
|
1 | |
| System | Get Time | type = Ticks, time = 53024 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53024 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53024 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53024 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 10894, size_out = 10894 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53040 |
|
1 | |
| File | Write | filename = hin.ppt, size = 771181 |
|
1 | |
| System | Get Time | type = Ticks, time = 53055 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = cvn-nhc, type = file_attributes |
|
1 | |
| File | Create | filename = cvn-nhc, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = cvn-nhc, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 9115, size_out = 9115 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53071 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53087 |
|
1 | |
| File | Write | filename = cvn-nhc, size = 3022508 |
|
1 | |
| System | Get Time | type = Ticks, time = 53149 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32, size_out = 32 |
|
1 | |
| File | Get Info | filename = cih.exe, type = file_attributes |
|
1 | |
| File | Create | filename = cih.exe, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = cih.exe, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32768, size_out = 32768 |
|
1 | |
| System | Get Time | type = Ticks, time = 53196 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53196 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53196 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53196 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 32736, size_out = 32736 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 5087, size_out = 5087 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53211 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 65536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 2560 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 1792 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 5888 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 768 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 37632 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 2560 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 8960 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 1536 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 256 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 1024 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 28672 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 1024 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 95232 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 1024 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 512 |
|
1 | |
| System | Get Time | type = Ticks, time = 53227 |
|
1 | |
| File | Write | filename = cih.exe, size = 7168 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Write | filename = cih.exe, size = 16896 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Write | filename = cih.exe, size = 4864 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Write | filename = cih.exe, size = 7664 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = jdl.jpg, type = file_attributes |
|
1 | |
| File | Create | filename = jdl.jpg, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = jdl.jpg, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 476, size_out = 476 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Write | filename = jdl.jpg, size = 593 |
|
1 | |
| System | Get Time | type = Ticks, time = 53243 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 36, size_out = 36 |
|
1 | |
| File | Get Info | filename = vqm.xl, type = file_attributes |
|
1 | |
| File | Create | filename = vqm.xl, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = vqm.xl, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 427, size_out = 427 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Write | filename = vqm.xl, size = 525 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = bcu.mp4, type = file_attributes |
|
1 | |
| File | Create | filename = bcu.mp4, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = bcu.mp4, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 425, size_out = 425 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Write | filename = bcu.mp4, size = 521 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = rnr.mp3, type = file_attributes |
|
1 | |
| File | Create | filename = rnr.mp3, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = rnr.mp3, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 452, size_out = 452 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53258 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Write | filename = rnr.mp3, size = 556 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 7, size_out = 7 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 37, size_out = 37 |
|
1 | |
| File | Get Info | filename = cvg.mp4, type = file_attributes |
|
1 | |
| File | Create | filename = cvg.mp4, desired_access = GENERIC_WRITE, share_mode = FILE_SHARE_READ |
|
1 | |
| File | Get Info | filename = cvg.mp4, type = file_type |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 411, size_out = 411 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Read | filename = C:\Users\EEBsYm5\Desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe, size = 0, size_out = 0 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
| File | Write | filename = cvg.mp4, size = 505 |
|
1 | |
| System | Get Time | type = Ticks, time = 53274 |
|
1 | |
|
For performance reasons, the remaining 3040 entries are omitted.
The remaining entries can be found in glog.xml. |
|||||
| Information | Value |
|---|---|
| ID | #2 |
| File Name | c:\users\eebsym5\appdata\local\temp\60484525\cih.exe |
| Command Line | "C:\Users\EEBsYm5\AppData\Local\Temp\60484525\cih.exe" cvn-nhc |
| Initial Working Directory | C:\Users\EEBsYm5\AppData\Local\Temp\60484525\ |
| Monitor | Start Time: 00:00:16, Reason: Child Process |
| Unmonitor | End Time: 00:02:11, Reason: Terminated by Timeout |
| Monitor Duration | 00:01:55 |
| Information | Value |
|---|---|
| PID | 0xa20 |
| Parent PID | 0xa00 (c:\users\eebsym5\desktop\9c3648e343b57ebf1fb3fe567deceb0da3499989dd56d4e82dd8911c3adf239d.exe) |
| Is Created or Modified Executable |
|
| Integrity Level | High (Elevated) |
| Username | CRH2YWU7\EEBsYm5 |
| Groups |
|
| Enabled Privileges | SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege |
| Thread IDs |
0x
A24
0x
A28
0x
A2C
|
