Malicious Word Doc. Uses Multiple Sandbox Evasion Techniques | IOCs
Try VMRay Analyzer
| File Count | 173 |
| Registry Count | 161 |
| Mutex Count | 18 |
| URL Count | 27 |
| IP Count | 3 |
| Filename | Normalized Filename | Operations | Hash Values |
|---|---|---|---|
| \??\C:\Users\aETAdzjz\AppData\Local\Temp\upde25b4796.exe | \??\c:\users\aetadzjz\appdata\local\temp\upde25b4796.exe | Access | - |
| \??\C:\Users\aETAdzjz\AppData\Roaming\iuoldw.exe | \??\c:\users\aetadzjz\appdata\roaming\iuoldw.exe | Access | - |
| \??\C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\roottools.exe | \??\c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\roottools.exe | Access | - |
| \\.\pipe\D3B6C4DE8CF79A854B549EE232F08C89 | \device\namedpipe\d3b6c4de8cf79a854b549ee232f08c89 | Access, Read, Write | - |
| C:\popupkiller.exe | c:\popupkiller.exe | Access | - |
| C:\Program Files (x86)\CuteFTP\sm.dat | c:\program files (x86)\cuteftp\sm.dat | Access | - |
| C:\Program Files (x86)\GlobalSCAPE\CuteFTP Lite\sm.dat | c:\program files (x86)\globalscape\cuteftp lite\sm.dat | Access | - |
| C:\Program Files (x86)\GlobalSCAPE\CuteFTP Pro\sm.dat | c:\program files (x86)\globalscape\cuteftp pro\sm.dat | Access | - |
| C:\Program Files (x86)\GlobalSCAPE\CuteFTP\sm.dat | c:\program files (x86)\globalscape\cuteftp\sm.dat | Access | - |
| C:\Program Files (x86)\Mozilla Firefox | c:\program files (x86)\mozilla firefox | Access | - |
| C:\ProgramData\CuteFTP\sm.dat | c:\programdata\cuteftp\sm.dat | Access | - |
| C:\ProgramData\FileZilla\filezilla.xml | c:\programdata\filezilla\filezilla.xml | Access | - |
| C:\ProgramData\FileZilla\recentservers.xml | c:\programdata\filezilla\recentservers.xml | Access | - |
| C:\ProgramData\FileZilla\sitemanager.xml | c:\programdata\filezilla\sitemanager.xml | Access | - |
| C:\ProgramData\GHISLER\wcx_ftp.ini | c:\programdata\ghisler\wcx_ftp.ini | Access | - |
| C:\ProgramData\GlobalSCAPE\CuteFTP Lite\sm.dat | c:\programdata\globalscape\cuteftp lite\sm.dat | Access | - |
| C:\ProgramData\GlobalSCAPE\CuteFTP Pro\sm.dat | c:\programdata\globalscape\cuteftp pro\sm.dat | Access | - |
| C:\ProgramData\GlobalSCAPE\CuteFTP\sm.dat | c:\programdata\globalscape\cuteftp\sm.dat | Access | - |
| C:\stimulator.exe | c:\stimulator.exe | Access | - |
| C:\TOOLS\execute.exe | c:\tools\execute.exe | Access | - |
| C:\Users\aETAdzjz\AppData\Local\CuteFTP\sm.dat | c:\users\aetadzjz\appdata\local\cuteftp\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Local\FileZilla\filezilla.xml | c:\users\aetadzjz\appdata\local\filezilla\filezilla.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Local\FileZilla\recentservers.xml | c:\users\aetadzjz\appdata\local\filezilla\recentservers.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Local\FileZilla\sitemanager.xml | c:\users\aetadzjz\appdata\local\filezilla\sitemanager.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Local\GHISLER\wcx_ftp.ini | c:\users\aetadzjz\appdata\local\ghisler\wcx_ftp.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Local\GlobalSCAPE\CuteFTP Lite\sm.dat | c:\users\aetadzjz\appdata\local\globalscape\cuteftp lite\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Local\GlobalSCAPE\CuteFTP Pro\sm.dat | c:\users\aetadzjz\appdata\local\globalscape\cuteftp pro\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Local\GlobalSCAPE\CuteFTP\sm.dat | c:\users\aetadzjz\appdata\local\globalscape\cuteftp\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Google\Chrome\User Data\Default\Cookies | c:\users\aetadzjz\appdata\local\google\chrome\user data\default\cookies | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Local\Google\Chrome\User Data\Default\Login Data | c:\users\aetadzjz\appdata\local\google\chrome\user data\default\login data | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal | c:\users\aetadzjz\appdata\local\google\chrome\user data\default\login data-journal | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Local\Google\Chrome\User Data\Default\Web Data | c:\users\aetadzjz\appdata\local\google\chrome\user data\default\web data | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal | c:\users\aetadzjz\appdata\local\google\chrome\user data\default\web data-journal | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Local\Temp | c:\users\aetadzjz\appdata\local\temp | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\azuqkihi | c:\users\aetadzjz\appdata\local\temp\azuqkihi | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB08D.tmp | c:\users\aetadzjz\appdata\local\temp\cabb08d.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB08E.tmp | c:\users\aetadzjz\appdata\local\temp\cabb08e.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB08F.tmp | c:\users\aetadzjz\appdata\local\temp\cabb08f.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB090.tmp | c:\users\aetadzjz\appdata\local\temp\cabb090.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB091.tmp | c:\users\aetadzjz\appdata\local\temp\cabb091.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB092.tmp | c:\users\aetadzjz\appdata\local\temp\cabb092.tmp | Access |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB0A3.tmp | c:\users\aetadzjz\appdata\local\temp\cabb0a3.tmp | Access |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB0A4.tmp | c:\users\aetadzjz\appdata\local\temp\cabb0a4.tmp | Access |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB0A5.tmp | c:\users\aetadzjz\appdata\local\temp\cabb0a5.tmp | Access |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cabB0A6.tmp | c:\users\aetadzjz\appdata\local\temp\cabb0a6.tmp | Access |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\cooB07B.tmp | c:\users\aetadzjz\appdata\local\temp\coob07b.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\flaB08C.tmp | c:\users\aetadzjz\appdata\local\temp\flab08c.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\giilemz | c:\users\aetadzjz\appdata\local\temp\giilemz | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\pyidom | c:\users\aetadzjz\appdata\local\temp\pyidom | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\sofB0D5.tmp | c:\users\aetadzjz\appdata\local\temp\sofb0d5.tmp | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\upd9dba1b78.bat | c:\users\aetadzjz\appdata\local\temp\upd9dba1b78.bat | Access, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\updaa5900b0.bat | c:\users\aetadzjz\appdata\local\temp\updaa5900b0.bat | Access, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\upde25b4796.exe | c:\users\aetadzjz\appdata\local\temp\upde25b4796.exe | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Local\Temp\usontoi | c:\users\aetadzjz\appdata\local\temp\usontoi | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\xekeov | c:\users\aetadzjz\appdata\local\temp\xekeov | Access | - |
| C:\Users\aETAdzjz\AppData\Local\Temp\xeyzlap | c:\users\aetadzjz\appdata\local\temp\xeyzlap | Access | - |
| C:\Users\aETAdzjz\AppData\Local\VirtualStore\Windows\wcx_ftp.ini | c:\users\aetadzjz\appdata\local\virtualstore\windows\wcx_ftp.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming | c:\users\aetadzjz\appdata\roaming | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\CuteFTP\sm.dat | c:\users\aetadzjz\appdata\roaming\cuteftp\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\FileZilla\filezilla.xml | c:\users\aetadzjz\appdata\roaming\filezilla\filezilla.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\FileZilla\recentservers.xml | c:\users\aetadzjz\appdata\roaming\filezilla\recentservers.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\FileZilla\sitemanager.xml | c:\users\aetadzjz\appdata\roaming\filezilla\sitemanager.xml | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\GHISLER\wcx_ftp.ini | c:\users\aetadzjz\appdata\roaming\ghisler\wcx_ftp.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\GlobalSCAPE\CuteFTP Lite\sm.dat | c:\users\aetadzjz\appdata\roaming\globalscape\cuteftp lite\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\GlobalSCAPE\CuteFTP Pro\sm.dat | c:\users\aetadzjz\appdata\roaming\globalscape\cuteftp pro\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\GlobalSCAPE\CuteFTP\sm.dat | c:\users\aetadzjz\appdata\roaming\globalscape\cuteftp\sm.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\iuoldw.exe | c:\users\aetadzjz\appdata\roaming\iuoldw.exe | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\Microsoft OneDrive.rig | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\microsoft onedrive.rig | Access, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\rO4p00rRfog3ie0eV3.ecv | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\ro4p00rrfog3ie0ev3.ecv | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\roottools.exe | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\roottools.exe | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sol | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\SJpF7mOw3gFdA.hin | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\sjpf7mow3gfda.hin | Access, Read, Write |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\SJpF7mOw3gFdA.tmp | c:\users\aetadzjz\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\sjpf7mow3gfda.tmp | Access, Read |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\aetadzjz@g.live[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\aetadzjz@g.live[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\aetadzjz@google[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\aetadzjz@google[1].txt | Access, Read |
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\aetadzjz@live[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\aetadzjz@live[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@ad.360yield[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@ad.360yield[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@ad13.adfarm1.adition[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@ad13.adfarm1.adition[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@addthis[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@addthis[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adfarm1.adition[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adfarm1.adition[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adform[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adform[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adformdsp[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adformdsp[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adnxs[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adnxs[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adscale[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adscale[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adserving.ancoraplatform[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adserving.ancoraplatform[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adsrvr[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adsrvr[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@adtech[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@adtech[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@advertising[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@advertising[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@angsrvr[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@angsrvr[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@api.bing[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@api.bing[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@at.atwola[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@at.atwola[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@bidswitch[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@bidswitch[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@bing[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@bing[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@bluekai[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@bluekai[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@bs.serving-sys[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@bs.serving-sys[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@bs.serving-sys[3].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@bs.serving-sys[3].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@c.bing[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@c.bing[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@c.msn[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@c.msn[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@c1.microsoft[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@c1.microsoft[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@casalemedia[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@casalemedia[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@connextra[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@connextra[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@crwdcntrl[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@crwdcntrl[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@demdex[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@demdex[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@doubleclick[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@doubleclick[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@dpm.demdex[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@dpm.demdex[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@exelator[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@exelator[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@eyeota[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@eyeota[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@google[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@google[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@ibeu2.mookie1[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@ibeu2.mookie1[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@ih.adscale[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@ih.adscale[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@linkedin[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@linkedin[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@m.exactag[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@m.exactag[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@mathtag[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@mathtag[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@microsoft[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@microsoft[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@msn[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@msn[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@openx[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@openx[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@pixel.rubiconproject[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@pixel.rubiconproject[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@pubmatic[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@pubmatic[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@rubiconproject[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@rubiconproject[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@scorecardresearch[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@scorecardresearch[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@semasio[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@semasio[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@server.adformdsp[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@server.adformdsp[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@serving-sys[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@serving-sys[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@serving.experianmarketingservices[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@serving.experianmarketingservices[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@smartadserver[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@smartadserver[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@tapad[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@tapad[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@track.adform[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@track.adform[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@turn[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@turn[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@w55c[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@w55c[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@www.bing[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@www.bing[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@www.linkedin[1].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@www.linkedin[1].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Microsoft\Windows\Cookies\Low\aetadzjz@www.msn[2].txt | c:\users\aetadzjz\appdata\roaming\microsoft\windows\cookies\low\aetadzjz@www.msn[2].txt | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\ | c:\users\aetadzjz\appdata\roaming\mozilla\firefox | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Crash Reports\InstallTime20131025151332 | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\crash reports\installtime20131025151332 | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\profiles.ini | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\addons.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\addons.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\bookmarkbackups\bookmarks-2017-06-30_5.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\bookmarkbackups\bookmarks-2017-06-30_5.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\bookmarkbackups\bookmarks-2017-07-26_5.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\bookmarkbackups\bookmarks-2017-07-26_5.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\cert8.db | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\cert8.db | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\compatibility.ini | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\compatibility.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\content-prefs.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\content-prefs.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\cookies.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\cookies.sqlite | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\downloads.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\downloads.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\extensions.ini | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\extensions.ini | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\extensions.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\extensions.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\formhistory.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\formhistory.sqlite | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\healthreport.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\healthreport.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\indexedDB\moz-safe-about+home\.metadata | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\indexeddb\moz-safe-about+home\.metadata | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\indexedDB\moz-safe-about+home\idb\818200132aebmoouht.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\indexeddb\moz-safe-about+home\idb\818200132aebmoouht.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\key3.db | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\key3.db | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\localstore.rdf | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\localstore.rdf | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\marionette.log | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\marionette.log | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\mimeTypes.rdf | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\mimetypes.rdf | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\parent.lock | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\parent.lock | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\permissions.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\permissions.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\places.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\places.sqlite | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\pluginreg.dat | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\pluginreg.dat | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\prefs.js | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\prefs.js | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\search.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\search.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\secmod.db | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\secmod.db | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\sessionstore.bak | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\sessionstore.bak | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\sessionstore.js | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\sessionstore.js | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\signons.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\signons.sqlite | Access, Read | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\times.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\times.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\urlclassifierkey3.txt | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\urlclassifierkey3.txt | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\webapps\webapps.json | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\webapps\webapps.json | Access | - |
| C:\Users\aETAdzjz\AppData\Roaming\Mozilla\Firefox\Profiles\3y2joh8o.default\webappsstore.sqlite | c:\users\aetadzjz\appdata\roaming\mozilla\firefox\profiles\3y2joh8o.default\webappsstore.sqlite | Access | - |
| C:\Users\aETAdzjz\Desktop | c:\users\aetadzjz\desktop | Access | - |
| C:\Users\aETAdzjz\wcx_ftp.ini | c:\users\aetadzjz\wcx_ftp.ini | Access | - |
| C:\Windows\system32 | c:\windows\system32 | Access | - |
| C:\Windows\wcx_ftp.ini | c:\windows\wcx_ftp.ini | Access | - |
| \\.\NPF_NdisWanIp | npf_ndiswanip | Access | - |
| Registry Key Name | Operations |
|---|---|
| HKEY_CLASSES_ROOT\Licenses | Access |
| HKEY_CLASSES_ROOT\Licenses\8804558B-B773-11d1-BC3E-0000F87552E7 | Read |
| HKEY_CLASSES_ROOT\TypeLib | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020430-0000-0000-C000-000000000046} | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64 | Access, Read |
| HKEY_CLASSES_ROOT\TypeLib\{00020905-0000-0000-C000-000000000046} | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020905-0000-0000-C000-000000000046}\8.7 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020905-0000-0000-C000-000000000046}\8.7\0 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{00020905-0000-0000-C000-000000000046}\8.7\0\win64 | Read |
| HKEY_CLASSES_ROOT\TypeLib\{00020905-0000-0000-C000-000000000046}\8.7\409 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52} | Access |
| HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}\2.8 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}\2.8\0 | Access |
| HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}\2.8\0\win64 | Access, Read |
| HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}\2.8\0\win64\win64 | Access |
| HKEY_CURRENT_USER\Identities | Access |
| HKEY_CURRENT_USER\Identities\{31810C36-5D23-4CCE-A3B4-316DED195C38}\Software\Microsoft\Internet Account Manager\Accounts | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Acuhci | Access, Read, Write |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Boteun | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Direct3D | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\FTP | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Fax | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Feeds | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\GDIPlus | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IAM | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IMEJP | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Kaev | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Keyboard | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Lukuip | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\MSDAIPP | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\SQMClient | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Shared | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\SkyDrive | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Wisp | Access |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\wfs | Access |
| HKEY_CURRENT_USER\Software\FileZilla | Access |
| HKEY_CURRENT_USER\Software\FileZilla Client | Access |
| HKEY_CURRENT_USER\Software\Ghisler\Total Commander | Access |
| HKEY_CURRENT_USER\Software\Ghisler\Windows Commander | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 6 Home\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 6 Professional\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 7 Home\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 7 Professional\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 8 Home\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 8 Professional\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\GlobalSCAPE\CuteFTP 9\QCToolbar | Access |
| HKEY_CURRENT_USER\Software\Martin Prikryl | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Command Processor | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager\Accounts | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\FormData | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\189cba75c69c634996739bac92103ebb | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1a8bd43e654f65418fbafadeef063a57 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1cfb96c6c96b454ebff73da2e9f63f51 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\3517490d76624c419a828607e2a54604 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\467888fc50a6c6448d6cc0cf7b5307d6 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\48dea081c9634a43a6861907855add5c | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\55aad8d134512d438564aa678cb92d66 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\71b0295bef58e344911262b243f005ac | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\8503020000000000c000000000000046 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001 | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002 | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003 | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\f86ed2903a4a11cfb57e524153480001 | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts | Access |
| HKEY_CURRENT_USER\Software\Microsoft\VBA\7.1\Common | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Windows Live Mail | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Windows Mail | Access, Read |
| HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Microsoft Outlook Internet Settings | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook | Access |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run | Access, Write |
| HKEY_CURRENT_USER\Software\Mozilla | Access |
| HKEY_CURRENT_USER\Software\Mozilla\Firefox | Access, Read |
| HKEY_CURRENT_USER\Software\Mozilla\Firefox\Crash Reporter | Access, Read |
| HKEY_CURRENT_USER\Software\Mozilla\Firefox\TaskBarIDs | Access, Read |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System | Access |
| HKEY_CURRENT_USER\Software\WINE | Access |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VBA\Monitors | Access |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | Access |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 25.0 (x86 en-US) | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VMRayVMTools | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2151757 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2467173 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2524860 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2544655 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2549743 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2565063 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB982573 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217071FF} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3c3aafc8-d898-43ec-998f-965ffdae065a} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{582EA838-9199-3518-A05C-DB09462F68EC} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{68306422-7C57-373F-8860-D26CE4BA2A15} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2151757 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2467173 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2524860 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2544655 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2549743 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB2565063 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}.KB982573 | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e52a6842-b0ac-476e-b48f-378a97a67346} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{e6e75766-da0f-4ba2-9788-6ea593ce702d} | Access, Read |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{f325f05b-f963-4640-a43b-c8a494cdda0f} | Access, Read |
| HKEY_LOCAL_MACHINE\Software\FileZilla | Access |
| HKEY_LOCAL_MACHINE\Software\FileZilla Client | Access |
| HKEY_LOCAL_MACHINE\Software\Ghisler\Total Commander | Access |
| HKEY_LOCAL_MACHINE\Software\Ghisler\Windows Commander | Access |
| HKEY_LOCAL_MACHINE\Software\Martin Prikryl | Access |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Account Manager | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla | Access |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\TaskBarIDs | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox 25.0 | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox 25.0\bin | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox 25.0\extensions | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox\25.0 (en-US) | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox\25.0 (en-US)\Main | Access, Read |
| HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox\25.0 (en-US)\Uninstall | Access, Read |
| HKEY_LOCAL_MACHINE\Software\WINE | Access |
| win64 | Access |
| Mutex Name | Operations |
|---|---|
| 1F4C22565107A34AD73CB0F585F8F77C | Access |
| 20BC29E135FB9B01285187E3B5593CC8 | Access |
| 35D65C8FBCA06952705002450D6712FC | Access |
| 4786CF0F1E6E9E20640CE4A22DFFC997 | Access |
| 61AB4C4AE08220DC5911D67B8EFCF107 | Access, Delete |
| 629BC138D148FEC80DAF76D454EF252E | Access |
| 9B4D68961731FE3C22DA08B640799EB6 | Access, Delete |
| A354992B05F4DA0EB1B4AB788E3CE988 | Access |
| A63A6CDA308CF3B4F10C6B82D6B9EA5B | Access |
| ABC6B5B774FF9FD7F54EC277098C64EE | Access, Delete |
| B3F6E53F120A5BE5825B9C06159BB3F4 | Access, Delete |
| C2E6ECE9938A43206F172A85684E36DB | Access |
| CEE48AFA231AB21CA6E2437DB844BAD7 | Access |
| D3F6CAB61E96B029AD170EEF2C2F89C2 | Access, Delete |
| E58EFF540968A436E982FCFA1C0445A2 | Access |
| F063546A5853AF5508DB5A15751DB34A | Access, Delete |
| Frz_State | Access |
| Sandboxie_SingleInstanceMutex_Control | Access |
| URL | Operations |
|---|---|
| https://www.dropbox.com/s/7b9332r6vmiuhxl/1qesyozananrivoxityof.exe?dl=1 | GET |
| aaopsjdf.top/rJpywFLn/qEw5K/MR6O/POc/7o/nJ0wa/sGw | POST |
| aaopsjdf.top/Ar1DanzSs/m3/R4FdJSDs6/d5Y/uB/4CGO/Dw | POST |
| aaopsjdf.top/IQwhNdoN6/k1c-Of1YG/9PY7a/j/Hz/A6EGg | POST |
| aaopsjdf.top/YUEnTzeD/g1/MMP-/d/GEdm38bze8D/qFMQ/ | POST |
| aaopsjdf.top/3RWlxZsXKo/6VQe/PctmB8Wly8ri8y/yYLw | POST |
| aaopsjdf.top/va0u0MjZ9u/rGd5J/INxHsf/X/0/Y/_RlD/X/Q/OA/ | POST |
| aaopsjdf.top/Uvg4D/j/3AuZ/fdpAv/ra4Kz/Gw3S/kI/A | POST |
| aaopsjdf.top/yMGvio/o0sO/J9/p/TDdCp0pD/f/3Q2nAw/ | POST |
| aaopsjdf.top/1c2/62V7Y/NAORf7clZ/q/Cl/SPSRA | POST |
| aaopsjdf.top/KJ2L/k/Ux7/H/f/h2RtGl/7s/v8/7wrSO/Q | POST |
| aaopsjdf.top/up9k/r3ZwOs/ZMTfab1M/Db/0/TDZH/g | POST |
| aaopsjdf.top/4Fqm5f1XYW/7kA/4P/IZa/R/cW38/83/21/S3V/Ew | POST |
| aaopsjdf.top/WRBw5Vr/jVQLJoZqB/sq/85o6F8/jK3/Jw | POST |
| aaopsjdf.top/wJzm/rUw/zPMR2D/vC/Z/7/oPd/0wqaGA | POST |
| aaopsjdf.top/MYXYt50L/l18RCMcJRNGj_aHp0/HXQOQ | POST |
| aaopsjdf.top/di/vm/8tO/N/d/VEPSK/z/Z3Z/w/Cm/EHA | POST |
| aaopsjdf.top/dnoLVKjaeD/vmgm/HeV3HvyL/4/J3ey/w/y/2Pg | POST |
| aaopsjdf.top/v6mlq8VpQl/rDA/k/P/cI/EIu/2_yI-/G/y/SyRTQ | POST |
| aaopsjdf.top/9TzYkm/41IzC/N/hR/TcmU_ZLdnRSaLA | POST |
| aaopsjdf.top/dtSYRF8h/vnIaCOF/6TPWK0Krp9g/b/YH/Q/ | POST |
| aaopsjdf.top/sjtXcaxKxG/qW/w9/CdBdDN/a/W/44ra0Bi/DFA/ | POST |
| aaopsjdf.top/bjJ0Il/u/GwDYfpQFveklLDcx/iq/qRQ | POST |
| aaopsjdf.top/Yjc2A8Gst/g/2/wqY_IEM-6a_ZPTl/gH/YMg | POST |
| aaopsjdf.top/IPPKGT6kjF/k1/YZGv/RoQvaE4rDg9/AunIQ | POST |
| aaopsjdf.top/X8CyRU/gj4KKOFp/LKWt3avl_/H/ijD/A | POST |
| www.google.com/ | GET |
| IP | Protocols |
|---|---|
| 162.125.66.1 | HTTPS, TCP |
| 95.163.251.164 | HTTPS, TCP |
| 216.58.205.196 | HTTPS, TCP |
This feature requires an online-connection to the VMRay backend.
An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
